ISO 22301 - Business continuity management systems

NS-EN ISO 22301:2014 - Societal security - Business continuity management systems (BCMS)

The outcomes of maintaining a BCMS are shaped by the organization’s legal, regulatory, organizational and industry requirements, products and services provided, processes employed, size and structure of the organization, and the requirements of its interested parties.
A BCMS emphasizes the importance of:

  • understanding the organization’s needs and the necessity for establishing business continuity policies and objectives;
  • operating and maintaining processes, capabilities and response structures for ensuring the organization will survive disruptions;
  • monitoring and reviewing the performance and effectiveness of the BCMS;
  • continual improvement based on qualitative and quantitative measures.

A BCMS, like any other management system, includes the following components:

a) a policy;
b) competent people with defined responsibilities;
c) management processes relating to:
   - policy;
   - planning;
   - implementation and operation;
   - performance assessment;
   - management review;
   - continual improvement;
   - documented information supporting operational control and enabling performance evaluation.

READ MORE (Norwegian only)