This web page presents a Plain English overview of the
ISO 22301 business continuity standard. For a more detailed
version, see ISO 22301 2012 Translated into Plain English.
4.1 Understand your organization and its unique context.
4.2 Define the needs and expectations of your interested parties.
4.2.1 Clarify who interested parties are and specify their requirements.
4.2.2 Consider legal and regulatory requirements when designing BCMS.
4.3 Figure out what your BCMS should apply to and clarify its scope.
4.3.1 Think about what your organization's BCMS should cover and include.
4.3.2 Establish your requirements and define the scope of your BCMS.
4.4 Develop a BCMS that meets your needs and complies with this standard.
5.1 Provide leadership for your organization's BCMS.
5.2 Show that you support your organization's BCMS.
5.3 Establish a suitable BCMS policy for your organization.
5.4 Assign responsibility and authority for your BCMS.
6.1 Specify actions to manage your risks and address your opportunities.
7.2 Support your BCMS by making sure that people are competent.
7.3 Support your BCMS by making people aware of their responsibilities.
7.4 Support your BCMS by establishing communication procedures.
7.5 Support your BCMS by managing all relevant information.
7.5.1 Provide the information and documents that your BCMS needs.
7.5.2 Supervise the creation and modification of your BCMS documents.
7.5.3 Control your organization's BCMS information and documents.
8.1 Carry out process planning and establish controls.
8.2 Study disruptions and risks and set your priorities.
8.2.2 Evaluate and set business continuity and recovery priorities.
8.2.3 Assess your risks and identify your risk treatment options.
8.3 Develop a business continuity strategy to handle disruptions.
8.3.2 Identify the resources that you will need to implement strategy.
8.3.3 Select and implement risk treatment measures to manage risks.
8.4.1 Establish disruption and continuity management procedures.
8.4.2 Establish your incident response structure and procedures.
8.4.3 Establish disruption warning and communication procedures.
8.4.4 Establish incident response and business continuity procedures.
8.4.5 Establish suitable business recovery and restoration procedures.
9.1.1 Monitor and measure the performance of your organization's BCMS.
9.1.2 Evaluate your business continuity procedures and capabilities.
9.2 Set up an internal audit program and use it to evaluate your BCMS.
9.3 Review the performance of your BCMS at planned intervals.
10.2 Enhance the overall performance of your BCMS.
If you'd like to see how we've translated each of
these sections into
Plain English, please check out our more detailed ISO 22301 webpage.
Updated on May 18, 2016. First published on March 23, 2013.
Praxiom Research Group Limited firstname.lastname@example.org 780-461-4514
Legal Restrictions on the Use of this Page
Copyright © 2013 - 2016 by Praxiom Research Group Ltd. All Rights Reserved.