ISO 22301:2012, Societal security – Business continuity management systems – Requirements, will help organisations, regardless of their size, location, or activity, to be better prepared and more confident to handle unexpected and disruptive incidents.
'Organisations implementing ISO 22301 will be able to demonstrate to legislators, regulators, customers, prospective customers, and other interested parties that they are adhering to good practice in business continuity management,' says Dr Stefan Tangen, Secretary of the ISO technical committee that developed the new Standard. 'ISO 22301 may also be used within an organisation to measure itself against good practice, and by auditors wishing to report to management.'
Incidents can disrupt an organisation at any time and applying ISO 22301 will ensure that an organisation can respond and continue to operate. Incidents can range from large-scale natural disasters and acts of terror to technology-related accidents and environmental incidents. However, most incidents are small but can have a significant impact, which makes business continuity management (BCM) relevant at all times.
- provides a framework to plan, establish, implement, operate, monitor, review, maintain and continually improve a business continuity management system (BCMS). The Standard will help organisations protect against, prepare for, respond to, and recover from disruptive incidents
- helps an organisation to design a BCMS that is appropriate to its needs and meets its stakeholders' requirements.
Dave Austin, the project leader responsible for writing ISO 22301, says, 'To work well, ISO 22301 will need organisations to have thoroughly understood its requirements. Rather than being simply about a project or developing “a plan”, BCM is an ongoing management process requiring competent people working with appropriate support and structures that will perform when needed.'
ISO 22301 is the first Standard published that is aligned with the new ISO format for writing management systems Standards. This will ease understanding and ensure consistency with other management systems, such as ISO 9001 (quality management), ISO 14001 (environmental management), and ISO/IEC 27001 (information security management).
ISO 22301 may be used for third-party certification as well as for self-assessment. To help users get the best out of the Standard, it includes short and concise requirements describing the central elements of BCM.
Given the role of business continuity in every sector, ISO 22301 has a huge worldwide potential. So far, numerous countries have started to adopt ISO 22301, including Singapore and United Kingdom to replace their existing national Standards. There is already interest from business worldwide who wish to apply good practice and obtain certification against this Standard. This attests to its vast potential user base and expected benefits.
Note: You can order ISO Standards from www.standards.co.nz or call 0800 782 632 during business hours or email email@example.com. Members of Standards New Zealand receive a 20% discount on all NZS and AS/NZS Standards, and a 10% discount on all international Standards. Visit our membership page for more information.
- AS/NZS ISO 9001:2008 Quality management systems – Requirements
- AS/NZS ISO 14001:2004 Environmental management systems – Requirements with guidance for use
- AS/NZS ISO/IEC 27001:2006 Information technology – Security techniques – Information security management systems – Requirements
- Business continuity – new British Published Document on supply chain continuity, Touchstone, February 2012
- New Standard published for managing disruption-related risk, media release, 7 July 2010
Standards New Zealand
(04) 498 3989