Iso 27001 Business Continuity

Hot wheels velocity x for pc. Provo, Frank (January 3, 2003).

ISO 22301:2019, Security and resilience – Business continuity management systems – Requirements, is a management system standard published by International Organization for Standardization that specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise ^[1]. It is intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization^[2][3][4].

The company holds BSI certification for ISO 22301 business continuity, ISO/IEC 27001 information security, and achieved auditor verification from BSI aligned to ISO 27031, an international standard for IT security techniques.

Scope and contents[edit]

ISO 22301 has adopted the new format for writing management system standards described in Annex SL and it includes the following ten main clauses:

1. Scope
2. Normative references
3. Terms and definitions
4. Context
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance evaluation
10. Improvement

Supporting standards[edit]

ISO 22301 is the first of a series of ISO standards and Technical Specifications on BCM, including^[5]

• ISO 22313:2013 Societal security – Business continuity management systems – Guidance^[6]
• ISO/TS 22317:2015 Societal security – Business continuity management systems – Guidelines for business impact analysis^[7]
• ISO/TS 22318:2015 Societal security – Business continuity management systems – Guidelines for supply chain continuity^[8]
• ISO/TS 22330:2018 Security and resilience – Business continuity management systems – Guidelines for people aspects on business continuity^[9]
• ISO/TS 22331:2018 Security and resilience – Business continuity management systems – Guidelines for business continuity strategy^[10]
• ISO/IEC/TS 17021-6:2015 Conformity assessment – Requirements for bodies providing audit and certification of management systems – Part 6: Competence requirements for auditing and certification of business continuity management systems

History and revision[edit]

This standard was originally developed by ISO technical committee ISO/TC 223 on societal security and published for the first time in May 2012. ISO 22301:2012 was the first published ISO standard that had fully adopted the new format for writing management system standards described in Annex SL. ISO/TC 292 Security and resilience took over the responsibility of the work when ISO/TC 223 was dissolved and initiated a revision of the standard ^[11]. The 2nd edition was published on 31 October, 2019. ^[12]

See also[edit]

References[edit]

1. ^https://www.iso.org/standard/75106.html
2. ^https://advisera.com/27001academy/what-is-iso-22301/
3. ^https://www.itgovernance.co.uk/blog/what-is-business-continuity-iso-22301-and-why-do-you-need-it
4. ^https://searchdisasterrecovery.techtarget.com/definition/ISO-22301-International-Organization-of-Standardization-standard-22301
5. ^https://www.iso.org/news/2012/06/Ref1587.html
6. ^https://www.iso.org/standard/50050.html?browse=tc
7. ^https://www.iso.org/standard/50054.html?browse=tc
8. ^https://www.iso.org/standard/65336.html?browse=tc
9. ^https://www.iso.org/standard/50067.html?browse=tc
10. ^https://www.iso.org/standard/50067.html?browse=tc
11. ^http://www.isotc292online.org/news-archive/iso-22301-under-revision/
12. ^https://www.iso.org/standard/75106.html

External links[edit]

• ISO 22301—Societal security -- Business continuity management systems --- Requirements
• ISO TC 292—Security and resilience
• ISO 22301 at isotc292online.org