ISO 22301
ISO 22301:2019, Security and resilience – Business continuity management systems – Requirements, is a management system standard published by the International Organization for Standardization. It specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to, and recover from disruptive incidents when they arise[1]. It is intended to be applicable to all organizations, or parts thereof, regardless of the type, size and nature of the organization[2][3][4].
Scope and contents
ISO 22301 follows the new format for writing management system standards described in Annex SL, and it includes the following ten main clauses:
- Scope
- Normative references
- Terms and definitions
- Context
- Leadership
- Planning
- Support
- Operation
- Performance evaluation
- Improvement
Supporting standards
ISO 22301 is the first of a series of ISO standards and Technical Specifications on business continuity management (BCM), including:[5]
- ISO 22313:2013 Societal security – Business continuity management systems – Guidance[6]
- ISO/TS 22317:2015 Societal security – Business continuity management systems – Guidelines for business impact analysis[7]
- ISO/TS 22318:2015 Societal security – Business continuity management systems – Guidelines for supply chain continuity[8]
- ISO/TS 22330:2018 Security and resilience – Business continuity management systems – Guidelines for people aspects on business continuity[9]
- ISO/TS 22331:2018 Security and resilience – Business continuity management systems – Guidelines for business continuity strategy[10]
- ISO/IEC/TS 17021-6:2015 Conformity assessment – Requirements for bodies providing audit and certification of management systems – Part 6: Competence requirements for auditing and certification of business continuity management systems
History and revision
This standard was originally developed by ISO technical committee ISO/TC 223 on societal security and was published for the first time in May 2012. ISO 22301:2012 was the first published ISO standard that had fully adopted the new format for writing management system standards described in Annex SL. When ISO/TC 223 was dissolved, ISO/TC 292 Security and resilience took over responsibility for the work and initiated a revision of the standard[11]. The 2nd edition was published on 31 October 2019 and essentially consisted of refactoring the text of the standard to avoid repetitions[12].
References
- ^ https://www.iso.org/standard/75106.html
- ^ https://advisera.com/27001academy/what-is-iso-22301/
- ^ https://www.itgovernance.co.uk/blog/what-is-business-continuity-iso-22301-and-why-do-you-need-it
- ^ https://searchdisasterrecovery.techtarget.com/definition/ISO-22301-International-Organization-of-Standardization-standard-22301
- ^ https://www.iso.org/news/2012/06/Ref1587.html
- ^ https://www.iso.org/standard/50050.html?browse=tc
- ^ https://www.iso.org/standard/50054.html?browse=tc
- ^ https://www.iso.org/standard/65336.html?browse=tc
- ^ https://www.iso.org/standard/50067.html?browse=tc
- ^ https://www.iso.org/standard/50067.html?browse=tc
- ^ http://www.isotc292online.org/news-archive/iso-22301-under-revision/
- ^ https://www.iso.org/standard/75106.html
External links
- ISO 22301: Societal security – Business continuity management systems – Requirements
- ISO TC 292: Security and resilience
- ISO 22301 at isotc292online.org