ISO 22301 Compliance

Businesses today are striving in harsh environments. Cyber threats are adding to the pressure with large enterprises facing attacks. Businesses depend on variety of processes that support the core business objectives. Some business functions are critical for the survival of business and some are supportive in nature. For example online presence of Amazon’s website is more critical for it then the presence of Apple’s website.


Businesses must identify their core functions and ensure business continue to operate during hostile times. Business continuity management is a domain that facilitates organizations in thriving through tough times and ensure key objectives are met with limited functions. ISO has developed ISO22301 and defines it as “ISO 22301:2012 specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.”


Like ISO 27001 which specifies requirements and provides best practices for establishing Information Security Management System, ISO22301 provides requirements and best practices for business continuity management. Similar to other ISO management standards, ISO 22301 is applicable to any organization of any size. Hence you can implement it for your organization with ease and get certification against it. ISO22301 certification demonstrates your organization’s business continuity management system is built on industry best practices.


Organizations can follow any strategy to accomplish the implementation of effective BCM. Some simple steps of accomplishing the BCM project are

  1. Understand business objectives and context
  2. Defines BCM goals & scope
  3. Conduct business impact analysis (BIA)
  4. Develop plan based on BIA
  5. Implement controls according to priority
  6. Test and verify the controls
  7. Continuous monitoring and improvement
    In present times BCM is essential for any company that is willing to stay in business during any circumstances. ITSecurity.org can provide expert assistance in identifying your critical assets and processes for effective businesses continuity management system.