Business Continuity, Disaster Recovery and ISO 22301

Enhance your corporate resilience and improve your business data security – become ISO 22301 business continuity management systems certified this year!

In the tough economic climate, and with natural disasters and terrorist attacks, it has become a necessity for organisations to plan for the unexpected. Disasters, when they happen, can cause serious financial damage to an organisation, if effective contingency plans are not implemented.

What you need for your organisation is a highly-effective contingency plan that will protect your business from any external threats and risks.

This site provides information about business continuity, and offers a wide range of materials that will enhance your business continuity planning (BCP). Business continuity and disaster recovery planning are key governance responsibilities. Anyone who has watched the impact of, for instance: earthquakes in Bangladesh, terrorist attacks, cyclones in India, a tsunami in Malaysia, floods in Pakistan in the recent years, will recognise that the directors must plan for their organisation to overcome these disasters.

What is ISO 22301?

ISO 22301 is the international business continuity standard replacing the widely adopted British Standard BS25999-2. ISO 22301 is based on the 'Plan-Do-Check-Act' model, popularly used in other management system standards.

Every organisation faces business continuity risks. In fact:

80% of organisations with a well-planned and implemented business continuity plan are likely to survive a major business discontinuity incident
Only 20% of organisations without a business continuity plan are likely to survive
Over 90% of organisations that suffer a significant data loss go out of business within two years of the loss

What is business continuity management (BCM)?

Business continuity management is a management process that identifies potential impacts that threaten an organisation, and provides a framework for building resilience and the capability for an effective response which safeguards the interest of its key stakeholders, reputation, brand and value-creating activities.

Externally validated, this comprehensive and rigorously-tested business continuity management (BCM) planning standard will help your organisation to:

Protect your vital assets
Mitigate risk
Manage crises
Recover rapidly from emergencies, both major and minor
Build confidence among your customers, partners and stakeholders.

The business continuity management lifecycle usually includes the steps below:

risk assessment
business impact analysis (BIA)
plan development
documentation
testing
maintenance

Business Continuity Planning

Business continuity planning (BCP), related to BCM, takes into account the procedure and process for the development, testing and maintenance of the plans that will enable an organisations critical activities to function during and after a disaster.

Disaster Recovery Planning

Disaster Recovery Planning (DRP) is most commonly an element of the BCP framework. DRPs are often particularly technical and focus very much on the recovery of specific sites, functions, operations, applications or services. One BCP can include or refer to numerous DRPs.

How to implement an ISO 22301 compliant BCMS

The following quote is taken from the ISO’s (International Organisation for Standards) own news release on ISO 22301:

“To work well, ISO 22301 will need organizations to have thoroughly understood its requirements. Every line and word has meaning and the relative importance is not necessarily reflected by the number of words devoted to a topic.”

If you want to quickly and effectively implement a BCMS in line with ISO 22301, then download our ISO22301 BCMS Implementation Toolkit now >>

Further ISO 22301 reading

IT Governance is a leading publisher of books and toolkits on ISO 22301, business continuity and disaster recovery. You will find available for purchase a range of authoritative titles, written by experts for business and technical audiences.