ISO 22301 Business Continuity Overview

This web page presents a Plain English overview of the
ISO 22301 business continuity standard. For a more detailed
version,
see ISO 22301 2012 Translated into Plain English.

4. Context

4.1 Understand your organization and its unique context.

4.2 Define the needs and expectations of your interested parties.

4.2.1 Clarify who interested parties are and specify their requirements.

4.2.2 Consider legal and regulatory requirements when designing BCMS.

4.3 Figure out what your BCMS should apply to and clarify its scope.

4.3.1 Think about what your organization's BCMS should cover and include.

4.3.2 Establish your requirements and define the scope of your BCMS.

4.4 Develop a BCMS that meets your needs and complies with this standard.

5. Leadership

5.1 Provide leadership for your organization's BCMS.

5.2 Show that you support your organization's BCMS.

5.3 Establish a suitable BCMS policy for your organization.

5.4 Assign responsibility and authority for your BCMS.

6. Planning

6.1 Specify actions to manage your risks and address your opportunities.

6.2 Set business continuity objectives and develop plans to achieve them.

7. Support

7.1 Support your BCMS by providing the necessary resources.

7.2 Support your BCMS by making sure that people are competent.

7.3 Support your BCMS by making people aware of their responsibilities.

7.4 Support your BCMS by establishing communication procedures.

7.5 Support your BCMS by managing all relevant information.

7.5.1 Provide the information and documents that your BCMS needs.

7.5.2 Supervise the creation and modification of your BCMS documents.

7.5.3 Control your organization's BCMS information and documents.

8. Operation

8.1 Carry out process planning and establish controls.

8.2 Study disruptions and risks and set your priorities.

8.2.1 Establish a process to analyze impacts and assess risks.

8.2.2 Evaluate and set business continuity and recovery priorities.

8.2.3 Assess your risks and identify your risk treatment options.

8.3 Develop a business continuity strategy to handle disruptions.

8.3.1 Use impact analysis and risk assessment to develop strategy.

8.3.2 Identify the resources that you will need to implement strategy.

8.3.3 Select and implement risk treatment measures to manage risks.

8.4 Establish and implement business continuity plans and procedures.

8.4.1 Establish disruption and continuity management procedures.

8.4.2 Establish your incident response structure and procedures.

8.4.3 Establish disruption warning and communication procedures.

8.4.4 Establish incident response and business continuity procedures.

8.4.5 Establish suitable business recovery and restoration procedures.

8.5 Conduct exercises and test business continuity plans and procedures.

9. Evaluation

9.1 Monitor, measure, and evaluate your organization's BCMS.

9.1.1 Monitor and measure the performance of your organization's BCMS.

9.1.2 Evaluate your business continuity procedures and capabilities.

9.2 Set up an internal audit program and use it to evaluate your BCMS.

9.3 Review the performance of your BCMS at planned intervals.

10. Improvement

10.1 Identify nonconformities and take corrective actions.

10.2 Enhance the overall performance of your BCMS.

 

 If you'd like to see how we've translated each of these sections into
Plain English, please check out our more detailed ISO 22301 webpage.

OTHER ISO 22301 PAGES

Introduction to the ISO 22301 Standard

Business Continuity Management Checklist

Plain English Business Continuity Definitions

ISO 22301 Standard Translated into Plain English

ISO 22301 Business Continuity Management Audit Tool

How to Carry Out an ISO 22301 Business Continuity Gap Analysis

Some of the Topics that Business Continuity Plans Should Address

Knowledge and Skill Continuity Management Auditors Should Have

Updated on May 18, 2016. First published on March 23, 2013.

Home Page

Our Libraries

A to Z Index

Customers

How to Order

Our Products

Our Prices

Guarantee

Praxiom Research Group Limited              help@praxiom.com             780-461-4514


Legal Restrictions on the Use of this Page
Thank you for visiting this webpage. You are, of course, welcome to view our material as often
as you wish, free of charge. And as long as you keep intact all copyright notices, you are also
welcome to print or make one copy of this page for your own personal, noncommercial,
home use. But, you are not legally authorized to print or produce additional copies or to
copy and paste any of our material onto another web site or to republish it in any way.

Copyright 2013 - 2016 by Praxiom Research Group Ltd. All Rights Reserved.

Praxiom Research
        Group Limited