ISO 22301: Business Continuity Management Systems
What Is ISO 22301?
In the event of an emergency, many businesses and organizations must have the ability to mitigate damage and continue operating. ISO 22301 is the international standard for Business Continuity Management (BCM). Published by the International Organization for Standardization, ISO 22301 is designed to help organizations prevent, prepare for, respond to and recover from unexpected and disruptive incidents. To do so, the standard provides a practical framework for setting up and managing an effective business continuity management system. ISO 22301 aims to safeguard an organization from a wide range of potential threats and disruptions.
This standard may be right for your organization if you need to demonstrate to stakeholders that your organization can rapidly overcome operational disruption to provide continued and effective service.
Around the world, many countries have legislation in place to define the emergency planning responsibilities of organizations. Those responsibilities often include the implementation of Business Continuity Management. As a result, ISO 22301 certification should be considered essential to any organization legally required to engage in contingency planning, including utilities, transport, health and essential public services. Whether you need to implement the standard to remain in compliance with industry regulations or not, pursuing ISO 22301 certification can help your organization develop resiliency and improve risk management.
“The rigour of a certified management system has sped up the process and ensured that we have been able to deliver what our clients need: an uninterrupted service.” E.L.F.S
ISO 22301 has seen a 82.9% increase in worldwide certificates in 2020, showing the growth and importance of UKAS accredited certification in recent times. Statistics straight from the most recent ISO Survey.
Looking to implement an ISO 22301 management system? Not sure where to start? Take a look at our ISO 22301 Implementation Guide here.
What is ISO 22301 and How To Get ISO 22301 Certification
Helps you with
- Operational resilience
- Emergency preparedness
- Corporate governance
- Crisis management
- Disaster recovery
- Supply chain security
- Protection of reputation in a crisis
- Preparation for technology failures
- Plan for sudden loss of critical resources
- Preparation for other emergency situations
Benefits of ISO 22301 Certification
Deliver products that consistently meet customer requirements and a service that is dependable and can be relied on.
Avoid downtime and financial losses with effective management of risk, emergency preparedness and contingency planning.
Understand how statutory and regulatory requirements impact your organisation and its customers.
Improved risk management
Greater consistency and traceability of products and services means problems are easier to avoid and rectify.
Proven business credentials
Independent verification against a globally recognised industry standard speaks volumes.
Win more business
Procurement specifications often require certification as a condition to supply, so certification and verification opens doors.
Global recognition as a reputable supplier
Certification is recognised internationally and accepted throughout industry supply chains, setting industry benchmarks for sourcing suppliers.
Changing industry landscape and expectations
All organizations might be subject to disruptions; this may include technology failure, flooding, utility disruption, fire or terrorist attack. The standard is available to any organization (or its parts) regardless of their size, scope or complexity, that wishes to manage their overall business risks and develop the capability to plan for, and respond to, incidents and business disruptions.
The consequences of unexpected business disruptions may be far-reaching and might involve loss of life, loss of assets or income, or the inability to deliver products and services on which the organization's survival might depend.
By proactive identification of the impact of disruption, BCM identifies those products and services that are crucial for the organization's existence, and helps to establish what responses will be needed if a disruption occurs. ISO 22301 further provides the capability to adequately react in case of disruption.
NQA and ISO 22301 certification
With a wealth of experience providing accredited management systems certifications, NQA is ideally placed to partner with you to meet customer requirements and exceed industry expectations.
- NQA, USA issued the first-ever PS-Prep certification in 2012.
- NQA,USA is the only Certification Body to offer the full suite of ISO and PS-Prep BCMS certifications including: ASIS SPC.1, ISO 22301 and NFPA 1600
Technical committees and industry relationships. NQA is highly involved in a wide variety of industry committees and standards writing teams, helping us to maintain a keen awareness of changes within this industry. NQA, USA is an active participant and recognized leader in the DHS PS-Prep and IAF BCMS working groups (convened by ANAB).
Knowledge transfer supporting our customer’s organizational strategy. NQA is committed to ensuring customer awareness regarding changes in industry strategy, regulations, and standard requirements that may impact your management system approach.
Steps to Certification
Complete a Quote Request Form so we can understand you and your business. We will then use this to personally prepare a proposal for your certification and define what is known as your 'scope of assessment'.
We will then contact you to book your assessment with an NQA assessor. It consists of two mandatory visits that form the Initial Certification Audit. Please note that you must be able to demonstrate that your management system has been operational for a minimum of three months and has been subject to a management review and a full cycle of internal audits.
Following a successful stage two audit, a decision is made. If positive, your certification will be issued by NQA, with both a hard and soft copy of the certificate awarded. Certification is valid for three years and maintained through surveillance audits (years one and two) and a recertification audit in year three.
Risk Management Toolkit
ISO 22301 Implementation Guide
ISO 22301 Transition Gap Guide
ISO 22301 Checklist
ISO 22301 Transition Timeline
Risk Assurance Brochure
Annex SL Comparison Tool
Measuring Operational Resilience Method
Download Certification Logos
CityFibre Case Study
Is Your Management System Integrated?