As a CMMI Consultant, during the CMMI Consulting assignment, you may be asked questions related to many other standards. One of the popular standard that is discussed these days is the ISO 22301:2012 – Business Continuity Management Systems. Here I provide an overview of this standard:

CMMI FAQ 0

17th October, 2014

ISO 22301:2012 – Business Continuity Management Systems

Continuity of business is as vital as continuity of life. And as we invest in continuity of life, we have to invest in the continuity of business. Investment in terms of thought. Investment in terms of action. Investment in terms of resources. All for business continuity. ISO 22301, the Business Continuity Management system standard, is the framework, wherein we can channelize thoughts, actions and resources for business continuity. We need to protect the organization and business. It is vital these days. Customers want products and services at all times. At the time they wish to have it. Customers like   to do business with the organization which has a business continuity management system in place as this ensures the capability of organization to deliver service or product any time including in times of disaster or a crisis.

Purpose of ISO 22301:2012

ISO 22301 Societal Security –Business Continuity Management Systems –Requirements is an International Standard that specifies the requirements for setting up and managing an effective Business Continuity Management System (BCMS). ISO 22301:2012 specifies requirements to establish a management system to protect and respond to disruptive incidents when they arise.

 Benefits of ISO 22301:

 The Key benefits are as under:

• reduces the impact of disaster
• improves the reputation and credibility of organization
• attracts investors and customers.
• facilitates risk management – both internal and external

Features of ISO 22301:

ISO 22301 BCMS is based on the structure of ISO Annex SL and emphasis the importance of PDCA (Plan-Do-Check-Act):

• Plan (Establish): Establish business continuity policy, objectives, targets, controls and processes relevant to improving business continuity in order to deliver results that align with the organization’s overall policies and objectives (Refer Clause 4, 5, 6 & 7 of Standard)
• Do (Implement and Operate): Implement and operate the business continuity policy, controls, processes and Procedures (Refer Clause 8 of Standard)
• Check (Monitor and Review): Monitor and review performance against business continuity policy and objectives, report the results to management for review, and determine the actions for remediation and improvement (Refer Clause 9 of Standard)
• Act (Maintain and Improve): Maintain and improve the BCMS by taking corrective actions based on the results of management review and reappraising the scope of the BCMS and business continuity policy and objectives. (Refer Clause 10 of Standard)

As CMMI Consultants, during the CMMI Consulting assignments, we should always take the opportunity to talk about new standards. Through this CMMI Consultant blog, I would continue to share knowledge on the relevant contemporary standards.