The ISO Show: Episode 42 – What is ISO 22301 Business Continuity Management?

What is Business Continuity Management and what are the benefits of ISO 22301?

Whist many businesses have adapted to remote working, in some industries such as manufacturing or construction they now looking at ways to try to return to some type of ‘business as usual’.

One standard that is completely focused on resuming operations to get back to ‘business as usual, is ISO 22301, the Business Continuity Standard. This standard is very much about minimising damage to a business and planning for business recovery as swiftly as possible.

So, what is Business Continuity Management?

Business Continuity Management involves the recovery or continuation of business activities in the event of any business disruption.  COVID-19 is a prime example of a situation that is pretty much affecting all businesses globally. 

By having a holistic Business Continuity Management System (BCMS) in place will not only help your organisation recover from disasters, it will also prevent the reputational damage that can arise from any operational outages, missed deadlines, upset customers, or direct financial loss.

ISO 22301 provides a comprehensive set of controls based on Business Continuity ‘Best practice’ from across the world.

The BCMS should also include Risk Assessment (RA) and Business Impact Analysis (BIA), which are an inherent part of ISO 22301 and an essential component to identifying prioritised activities, dependences and resources supporting their key products and services, as well as what the impact of their failure would be on the organisation.

What are the benefits of ISO 22301? 

Protection and recovery of business critical functions and processes

  • Identification and understanding of the most valuable and critical business processes and the impact of disruption.
  • Timely and orderly responses to incidents and business disruptions to continue business operations at an acceptable pre-defined level as promises in contract or agreement
  • Demonstrate credible responses through scenario-base exercising
  • Increase the survival chance of both the organisation and employees jobs and other dependents.
  • Increased levels of resilience and recovery capability, and the continued survival of the organisation

Financial

  • Improved risk profile when renewing your insurance policy, resulting in reduced insurance premiums.
  • Significantly reduced financial impact of incidents, disruption or even under disaster.
  • Provides evidence to support financial claims.

Reputational

  • Advantage gained over less resilient competitors.
  • Reputation maintained, or even improved, through demonstrating a professional approach to managing disruption.
  • Positive message communicated to the media and stakeholders in crisis conditions.

Demonstrates leadership commitment to resilience

  • Demonstrate management commitment in overall risk management with visible evidence to stakeholders.
  • Encourages clear communications on what employees need to do to recover from an incident and supports cross-department and cross-organisation coordination.
  • Compliance with the expectations of regulators, insurers, business partners and other key stakeholders.

What are the options when it comes to improving business resilience during COVID-19 and other business disruptors your company may face?

  1. Buy a copy of ISO 22301:2019 and review your business against the requirements and develop a business continuity system accordingly.
  2. Partner with a Business Continuity specialist such as Blackmores and work in collaboration with your partner to complete a Gap Analysis, Risk Assessment, Business Impact Analysis, Business Continuity Documentation and possibly a compliance audit.
  3. Partner with a training provider to bring more knowledge on the subject in-house – this could be eLearning, BCP workshops or certification body auditor training.
  4. If you are serious about demonstrating how resilient you are as an organisation, consider certification to ISO 22301 with a UKAS Accredited certification body.

Further resources:

Further information on ISO 22301

Further information on ISO 22313

For a copy of our example BIA, simply contact us: enquiries@blackmoresuk.com

We’d love to hear your views and comments about the ISO Show, here’s how:

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud



The ISO Show: Episode 42 – What is ISO 22301 Business Continuity Management?

Subscribe to keep up-to-date with our latest episodes:

SoundCloud Spotify iTunes Stitcher Stitcher YouTube