BM TRADA Logo Library
Get a quote

Business Continuity Management

ISO 22301

ISO 22301:2019 is the International Standard for Business Continuity Management Systems.

ISO 22301: Business Continuity Management Systems

What Is ISO 22301?

In the event of an emergency, many businesses and organizations must have the ability to mitigate damage and continue operating. ISO 22301 is the international standard for Business Continuity Management (BCM). Published by the International Organization for Standardization, ISO 22301 is designed to help organizations prevent, prepare for, respond to and recover from unexpected and disruptive incidents. To do so, the standard provides a practical framework for setting up and managing an effective business continuity management system. ISO 22301 aims to safeguard an organization from a wide range of potential threats and disruptions.

This standard may be right for your organization if you need to demonstrate to stakeholders that your organization can rapidly overcome operational disruption to provide continued and effective service.

Around the world, many countries have legislation in place to define the emergency planning responsibilities of organizations. Those responsibilities often include the implementation of Business Continuity Management. As a result, ISO 22301 certification should be considered essential to any organization legally required to engage in contingency planning, including utilities, transport, health and essential public services. Whether you need to implement the standard to remain in compliance with industry regulations or not, pursuing ISO 22301 certification can help your organization develop resiliency and improve risk management.

“The rigour of a certified management system has sped up the process and ensured that we have been able to deliver what our clients need: an uninterrupted service.” E.L.F.S

ISO 22301 has seen a 82.9% increase in worldwide certificates in 2020, showing the growth and importance of UKAS accredited certification in recent times. Statistics straight from the most recent ISO Survey.

Looking to implement an ISO 22301 management system? Not sure where to start? Take a look at our ISO 22301 Implementation Guide here.

What is ISO 22301 and How To Get ISO 22301 Certification

Helps you with

  • Operational resilience
  • Emergency preparedness
  • Corporate governance
  • Crisis management
  • Disaster recovery
  • Supply chain security
  • Protection of reputation in a crisis
  • Preparation for technology failures
  • Plan for sudden loss of critical resources
  • Preparation for other emergency situations

Benefits of ISO 22301 Certification

Customer satisfaction icon

Customer satisfaction

Deliver products that consistently meet customer requirements and a service that is dependable and can be relied on.

Business resilience icon

Business resilience

Avoid downtime and financial losses with effective management of risk, emergency preparedness and contingency planning.

Legal compliance icon

Legal compliance

Understand how statutory and regulatory requirements impact your organisation and its customers.

Improved risk management  icon

Improved risk management

Greater consistency and traceability of products and services means problems are easier to avoid and rectify.

Proven business credentials icon

Proven business credentials

Independent verification against a globally recognised industry standard speaks volumes.

Win more business icon

Win more business

Procurement specifications often require certification as a condition to supply, so certification and verification opens doors.

Global recognition as a reputable supplier icon

Global recognition as a reputable supplier

Certification is recognised internationally and accepted throughout industry supply chains, setting industry benchmarks for sourcing suppliers.

Changing industry landscape and expectations

All organizations might be subject to disruptions; this may include technology failure, flooding, utility disruption, fire or terrorist attack. The standard is available to any organization (or its parts) regardless of their size, scope or complexity, that wishes to manage their overall business risks and develop the capability to plan for, and respond to, incidents and business disruptions.

The consequences of unexpected business disruptions may be far-reaching and might involve loss of life, loss of assets or income, or the inability to deliver products and services on which the organization's survival might depend.

By proactive identification of the impact of disruption, BCM identifies those products and services that are crucial for the organization's existence, and helps to establish what responses will be needed if a disruption occurs. ISO 22301 further provides the capability to adequately react in case of disruption.

NQA and ISO 22301 certification

With a wealth of experience providing accredited management systems certifications, NQA is ideally placed to partner with you to meet customer requirements and exceed industry expectations.

  • NQA, USA issued the first-ever PS-Prep certification in 2012.     
  • NQA,USA is the only Certification Body to offer the full suite of ISO and PS-Prep BCMS certifications including: ASIS SPC.1, ISO 22301 and NFPA 1600

Technical committees and industry relationships. NQA is highly involved in a wide variety of industry committees and standards writing teams, helping us to maintain a keen awareness of changes within this industry.  NQA, USA is an active participant and recognized leader in the DHS PS-Prep and IAF BCMS working groups (convened by ANAB).

Knowledge transfer supporting our customer’s organizational strategy. NQA is committed to ensuring customer awareness regarding changes in industry strategy, regulations, and standard requirements that may impact your management system approach.

Steps to Certification

  1. Step 1

    Complete a Quote Request Form so we can understand you and your business. We will then use this to personally prepare a proposal for your certification and define what is known as your 'scope of assessment'.

  2. Step 2

    We will then contact you to book your assessment with an NQA assessor. It consists of two mandatory visits that form the Initial Certification Audit. Please note that you must be able to demonstrate that your management system has been operational for a minimum of three months and has been subject to a management review and a full cycle of internal audits.

  3. Step 3

    Following a successful stage two audit, a decision is made. If positive, your certification will be issued by NQA, with both a hard and soft copy of the certificate awarded. Certification is valid for three years and maintained through surveillance audits (years one and two) and a recertification audit in year three.

See more details

Risk Management Toolkit

ISO 22301 Implementation Guide

ISO 22301 Transition Gap Guide

ISO 22301 Checklist

ISO 22301 Transition Timeline

Risk Assurance Brochure

Annex SL Comparison Tool

Gap Analysis

Measuring Operational Resilience Method

Download Certification Logos

CityFibre Case Study

Is Your Management System Integrated?

Ready to start your journey?

We'll give you a clear indication of the costs of gaining and maintaining certification.
Not ready yet? Call us on 0800 052 2424 or request a callback to discuss your certification requirements.