ISO 22301
ISO 22301:2019, Security and resilience – Business continuity management systems – Requirements, is a management system standard published by the International Organization for Standardization. It specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence of, prepare for, respond to, and recover from disruptive incidents when they arise.[1] It is intended to be applicable to all organizations, or parts thereof, regardless of the type, size and nature of the organization.[2][3][4]
Scope and contents
ISO 22301 has adopted the new format for writing management system standards described in Annex SL and it includes the following ten main clauses:
- Scope
- Normative references
- Terms and definitions
- Context
- Leadership
- Planning
- Support
- Operation
- Performance evaluation
- Improvement
Supporting standards
ISO 22301 is the first of a series of ISO standards and Technical Specifications on business continuity management (BCM), including:[5]
- ISO 22313:2013 Societal security – Business continuity management systems – Guidance[6]
- ISO/TS 22317:2015 Societal security – Business continuity management systems – Guidelines for business impact analysis[7]
- ISO/TS 22318:2015 Societal security – Business continuity management systems – Guidelines for supply chain continuity[8]
- ISO/TS 22330:2018 Security and resilience – Business continuity management systems – Guidelines for people aspects on business continuity[9]
- ISO/TS 22331:2018 Security and resilience – Business continuity management systems – Guidelines for business continuity strategy[9]
- ISO/IEC/TS 17021-6:2014 Conformity assessment – Requirements for bodies providing audit and certification of management systems – Part 6: Competence requirements for auditing and certification of business continuity management systems
Edition and revision
This standard was originally developed by ISO technical committee ISO/TC 223 on societal security and published for the first time in May 2012. ISO 22301:2012 was the first published ISO standard that had fully adopted the new format for writing management system standards described in Annex SL. ISO/TC 292 Security and resilience took over responsibility for the work when ISO/TC 223 was dissolved and initiated a revision of the standard.[10] The 2nd edition was published on 31 October 2019; the revision essentially consisted of refactoring the text of the standard to avoid repetition.[1]
History
Year | Description
---|---
2012 | ISO 22301 (1st Edition)
2019 | ISO 22301 (2nd Edition)
See also
- List of ISO standards
- International Organization for Standardization
References
- "ISO 22301:2019". ISO.
- "What is ISO 22301? Learn the Basics". 27001Academy.
- Howard, Casey (August 6, 2018). "What is business continuity/ISO 22301 and why do you need it?". IT Governance UK Blog.
- https://searchdisasterrecovery.techtarget.com/definition/ISO-22301-International-Organization-of-Standardization-standard-22301
- Gasiorowski-Denis, Elizabeth. "ISO publishes new standard for business continuity management". ISO.
- "ISO 22313:2012". ISO.
- "ISO/TS 22317:2015". ISO.
- "ISO/TS 22318:2015". ISO.
- "ISO/TS 22330:2018". ISO.
- "ISOTC292". www.isotc292online.org.
External links
- ISO 22301 – Societal security – Business continuity management systems – Requirements
- ISO TC 292 – Security and resilience
- ISO 22301 at isotc292online.org