Security and resilience — Business continuity management systems — Requirements
Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK. Procedure No. EVL/BCMS/C-A/2608/C-4
ISO 22301:2019 is an International Standard published by ISO. It specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions in business and its continuity, when they arise.
The requirements (mandatory) specified in this document are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating work-environment and complexity of the processes and system.
The ISO 22301:2019 standard is applicable to all types and sizes of organizations that:
a) implement, maintain and improve a BCMS;
b) seek to ensure conformity with stated business continuity policy;
c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;
d) seek to enhance their resilience through the effective application of the BCMS.
The standard ISO 22301:2019 can be used to assess an organization's ability to meet its own business continuity needs and obligations.
Natural disasters, fires, supply chain issues or cyber-attacks are some examples of the many unexpected yet possible threats to the smooth running of any business. Consistent and robust business continuity planning (covering perceived risks and proactive operational controls) for what to do when disaster strikes is the best defence and a first step towards initiating ISO 22301.
Uncertainty in business disruption is a key area of concern for most executives, but, managed well, the benefits and opportunities are many. Having effective business continuity plans and capabilities in place is key to restoring operations if anything goes awry.
ISO 22301, Security and resilience – Business continuity management systems – Requirements, is the world’s first International Standard for implementing and maintaining an effective business continuity plan. It enables an organization to have a more effective response and a quicker recovery, thereby reducing any impact on people, products and the organization’s bottom line.
Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK, feels that it brings together some of the world’s best practice to help organizations of any kind respond to, and recover from, disruptions effectively.
Based on the experiences of Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK, we say that:
“A resilient organization is one that is able to adapt to change, is aware of where its vulnerabilities lie and has plans in place to respond should things go wrong,”
“Recovering quickly from a business disruption requires a deep understanding of what is important to an organization, easy-to-follow response plans and staff that know their role in an incident.”
“ISO 22301 helps organizations do all of that, thereby providing reassurance to their clients, suppliers, regulators and other stakeholders that they are not only prepared for disruption, but in shape for the future.”
Key improvements in the latest version (2019) include a clearer structure and terminology to foster a better understanding of what is required, and updates to remain in line with all other ISO management system standards.
WHY ISO 22301 CERTIFICATION?
Obtaining ISO 22301 certification from Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK, proves to your stakeholders and customers that you have the ability to continue operating during adverse conditions, giving them peace of mind that you are a reliable supplier.
BENEFITS TO YOU FROM ISO 22301 CERTIFICATION:
• Improvement of business reputation leading to higher customer retention
• Enhanced business decision making ability as the company will have a better understanding of threats to operations
• Better Assessment of various Risks and Opportunities and strategic identification and implementation of Operational Controls
• Reduced risk of interruption to internal operations as a result of continuity incidents
• Helps safeguard the future of the business
BENEFITS TO YOUR CUSTOMERS FROM ISO 22301 CERTIFICATION:
• The supply chain will be more resilient so they will be less likely to let their customers down
• A reduction in the risk of adverse publicity caused by ‘down time’
• When tendering for new business, they can talk confidently about your internationally recognised business continuity certification
BENEFITS TO YOUR STAFF:
• Increased staff competency through enhanced process and procedure
• Improved job satisfaction as employees are clear about what to do
• Morale and motivation are boosted through improved training
What industries should implement ISO 22301:2012
According to Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK, ISO 22301:2019 is a standard best suited to organisations that do not have the luxury of managing downtime without disruption. IT companies, for example, cannot afford outages, as these could lead clients to move to competitors that seem more reliable. As markets grow more competitive, implementing systems like ISO 22301 can make the difference in retaining and growing your client base. In recent years we have seen other industries such as banks, project management companies, construction and the public sector implement the standard. If your organisation needs to assure clients, staff, and stakeholders that you have a plan in place to manage disruptions and lessen downtime, then ISO 22301 certification is the perfect option.
General Benefits of ISO 22301:2012
• Maximize quality and efficiency: ISO 22301 provides a framework based on international best practice around the ‘Do-WRITE-DO’ and ‘Plan, Do, Check, Act’ concept.
• Flexibility during business disruptions: During disruptions or any disaster, your organisation will have business continuity processes in place to ensure the continued smooth running of your business or, if it is disrupted, to get you up and running quickly and efficiently with minimum disruption to the services you offer.
• Competitive advantage: Ensure client/consumer confidence through certification to ISO 22301, an internationally acknowledged standard, while gaining new opportunity and winning new business.
• Organizational improvement: BCMS certification from Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK, provides you with a clear understanding of your entire organisation. This can provide you with new opportunities for improvement.
• Continuous internal improvement via audits: During the certification process of Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK, you will participate in regular audits which ensure your management system is up to date.
• Legal and regulatory compliance: Demonstrate to your stakeholders that you meet regional and, where applicable, international regulations, and other legal and regulatory requirements.
• Cost savings: Your organisation may be able to reduce the cost of internal and external BCM audits, and to improve financial performance and reduce business disruption insurance premiums.
• Maintain optimum client delivery KPIs: A BCMS framework supports strengthened management processes which allow you to supply an agreed level of critical services and products within a specified time frame after disruption to your clients.
• Strengthen your internal management: A BCMS provides proven management capability during times of disruption.
• Reputational Management: Certification to ISO 22301 reinforces your commitment to providing a premium level of services to your stakeholders, even during adverse conditions.
• Expand your knowledge on how a Business Continuity Management System will help you to meet business objectives
• Gain the necessary knowledge to manage a team in the implementation of ISO 22301
• Strengthen your reputation management
• Increase your customer reliability
• Identify risks and minimize the impact of incidents
• Improve the recovery time
• Achieve international recognition through the brand certification of Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK
Changing industry landscape and expectations
In the experience of Euro Veritas, UK (www.euroveritas.com), accredited by BAR-UK, all organizations might be subject to disruptions of various kinds, e.g. technology failure, flooding, utility disruption, fire or terrorist attack. The standard is available to any organization (or its parts), regardless of size, scope or complexity, that wishes to manage its overall business risks and develop the capability to plan for, and respond to, incidents and business disruptions.
The consequences of such unexpected business disruptions may be far-reaching and might involve loss of life, loss of assets or income, or the inability to deliver products and services on which the organization's survival might depend.
Through proactive identification of risks and opportunities and of the impact of disruption, a BCMS identifies those products and services that are crucial for the organization's existence, and helps to establish what responses will be needed if a disruption occurs. ISO 22301 further provides the capability to react adequately in case of disruption.