BUSINESS CONTINUITY MANAGEMENT SYSTEM
ISO 22301 is a standard that outlines a framework to control, maintain and deploy a successful Business Continuity Program, which helps organizations to prepare, respond and recover from disruptive incidents/disasters. Disaster Recovery is a part of this standard, with the only difference that each Disaster Recovery Plan is relatively technical and will focus on the recovery of specific operations, functions, sites, services or applications.
Benefits OF ISO 22301 CERTIFICATION to your Customers
- Continued services despite disasters/interruptions
- Increased business resilience
- Improves their ability to recover operations and demonstrate business continuity
- Confidence in your business continuity arrangements
- Meeting SLA requirements they may have with their clients
- Cost savings through deuced impact of incidents
- Compliance with regulatory and statutory laws
benefits of iso 22301 certification to your organization
- Improved turn out time for service downtime
- Preparedness to deal with disasters better
- Ensuring continued services to your clients
- Meeting SLA requirements
- Avoidance of penalties due to downtime
- Better management of incidents/disasters
- Better resource management
- Reduced financial and operational impact of disasters on the business
Who can get ISO 22301 certification?
Organizations that provide live services due to whose downtimes other services are affected need to consider ISO 22301. Examples of such industries are television and media broadcasting, internet service providers, BPOs, IT solutions companies, SaaS companies, technology support partners etc.
This standard is applicable to organizations of all domains and sizes. Any organization that requires to have a continuous service delivery as a part of its portfolio is eligible for this standard.
ISO 22301 in India
ISO 22301 in Australia
ISO 22301 in Singapore
ISO 22301 in Maldives
ISO 22301 in Turkmenistan
ISO 22301 in Philippines
ISO 22301 in South Africa
ISO 22301 in Mauritius
ISO 22301 in Kenya
ISO 22301 in Ethiopia
ISO 22301 in Mozambique
ISO 22301 in Nigeria
ISO 22301 in Eqypt
ISO 22301 in Oman
ISO 22301 in Qatar
ISO 22301 in Bahrain
ISO 22301 in UAE
ISO 22301 in Saudi Arabia
ISO 22301 in Lebanon
ISO 22301 in Kuwait
ISO 22301 in USA
ISO 22301 in Canada
ISO 22301 in Europe
What are the requirements of ISO 22301:2012?
Business Impact Analysis
- Measuring the amount of financial/operational damage depending on the time of the year
- Determine what kind of assets are actually at risk – including people, property, critical infrastructure, IT systems etc.
- Determine the Operational Impact. Eg. Downtime, outsourcing, expediting costs, contractual penalties, customer dissatisfaction etc.
- Determine Financial Impact – Equating the above in terms of actual monetary loss
Create an inventory of documents, databases and systems that are used on a day-to-day basis to generate revenue, and then quantify and match income with those processes as part of your recovery strategy/business impact analysis. Strategies are created based on this developed inventory along with RPOs and RTOs established as a part of Business Impact Analysis.
Business Continuity Plan Development
Using information derived from the Business Impact Analysis in conjunction with the Recovery Strategies, establish a plan framework. Documenting an IT disaster recovery plan is part of this stage. It involves restoring and recovering IT infrastructure, including servers, networks to keep the business running.
A data backup plan involves choosing the right hardware and software backup procedures for your company, scheduling and implementing backups as well as checking/testing for accuracy.
Testing and Deployment
Develop a testing process to measure the efficiency and effectiveness of your plans, as well as how often to conduct tests. Part of this step involves establishing a training program and conducting training for your company/business continuity team.
This allows you to allocate resources as needed to fill the gaps and build up a stronger, more resilient plan; also allowing you to clearly define roles and responsibilities and improve communication within the team, as well as identify any weaknesses in the plans that require attention.