ISO 22301

ISO 22301

Business Continuity Management Systems


What is ISO22301:2012

ISO 22301 is the international standard for Business Continuity Management (BCM). It provides a practical framework for setting up and managing an effective business continuity management system, that aims to safeguard an organization from a wide range of potential threats and disruptions. It specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. Obtaining ISO 22301 certification should be high on the priority list of organizations that need to demonstrate to their stakeholders that they can rapidly overcome operational disruptions to provide continued and effective service.


The requirements specified in ISO 22301:2012 are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization’s operating environment and complexity.


Benefits of ISO 22301 Business Continuity Management

  • Protect assets, turnover and profits: Effective business continuity management (BCM) enables organizations to protect their income steam following an incident or disaster, while reducing the risk of further losses.
  • Ensure continuity of business operations: A BCMS helps maintain an organization’s service levels to its customers. It also helps business leaders to assess the potential impacts of an operational disruption, make the right decisions quickly, deploy an effective response and minimize the overall impact.
  • Increase competitive advantage and enhance corporate reputation: Organizations with an ISO 22301-compliant BCMS can improve customer confidence in the organization’s ability to respond to incidents.
  • Meet legal and regulatory requirements: We recommend ISO 22301 compliance as a useful tool for implementing a well-defined incident response and reporting structure, so organizations can demonstrate they are taking steps to comply with regulatory requirements, such as the and the the EU General Data Protection Regulation (GDPR) and the NIS Directive.
  • Obtain an independent assessment of your security posture: Accredited certification involves regular reviews and internal audits that provide an expert opinion as to whether the BCMS is functioning properly and provides the level of security needed to protect the organization’s products and services.


How we can help you

BEWISE’s ISO 22301 consultants will:

  • Arrange and oversee the formal external audit process.
  • Define and implement a regime of continual improvement.
Get In Touch