ISO 22301

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Malki-Sedeq (talk | contribs) at 14:19, 13 February 2020 (History and revision). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

ISO 22301:2019, Security and resilience – Business continuity management systems – Requirements, is a management system standard published by the International Organization for Standardization. It specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.[1] It is intended to be applicable to all organizations, or parts thereof, regardless of the type, size and nature of the organization.[2][3][4]

Scope and contents

ISO 22301 has adopted the new format for writing management system standards described in Annex SL, and it includes the following ten main clauses:

  1. Scope
  2. Normative references
  3. Terms and definitions
  4. Context
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance evaluation
  10. Improvement

Supporting standards

ISO 22301 is the first of a series of ISO standards and Technical Specifications on BCM, including:[5]

  • ISO 22313:2013 Societal security – Business continuity management systems – Guidance[6]
  • ISO/TS 22317:2015 Societal security – Business continuity management systems – Guidelines for business impact analysis[7]
  • ISO/TS 22318:2015 Societal security – Business continuity management systems – Guidelines for supply chain continuity[8]
  • ISO/TS 22330:2018 Security and resilience – Business continuity management systems – Guidelines for people aspects on business continuity[9]
  • ISO/TS 22331:2018 Security and resilience – Business continuity management systems – Guidelines for business continuity strategy[10]
  • ISO/IEC/TS 17021-6:2015 Conformity assessment – Requirements for bodies providing audit and certification of management systems – Part 6: Competence requirements for auditing and certification of business continuity management systems

History and revision

This standard was originally developed by ISO technical committee ISO/TC 223 on societal security and published for the first time in May 2012. ISO 22301:2012 was the first published ISO standard that had fully adopted the new format for writing management system standards described in Annex SL. ISO/TC 292 Security and resilience took over responsibility for the work when ISO/TC 223 was dissolved, and initiated a revision of the standard.[11] The 2nd edition was published on 31 October 2019; the revision essentially consisted of refactoring the text of the standard to avoid repetitions.[12]

References

  • ISO 22301 – Societal security – Business continuity management systems – Requirements
  • ISO TC 292 – Security and resilience
  • ISO 22301 at isotc292online.org