QHS038

Security and resilience – Business continuity management systems

ISO 22301:2019 is a standard published by the International Organization for Standardization (ISO) that defines the requirements for business continuity management systems (BCMS). The standard helps organizations prepare for, respond to, and recover from unexpected incidents. The standard defines requirements for BCMS to ensure organizations can continue operating during and after crisis situations. These situations include: Natural disasters Cyber-attacks Pandemics Armed conflicts Any other event that may interrupt activities The standard specifies requirements for: Planning, Establishing, Implementing, Operating, Monitoring, Reviewing, Maintaining, Continually improving. The standard also helps organizations identify and prioritize threats. This allows them to implement their BCMS effectively so they are ready to respond to and recover from incidents with the least disruption to business. Some mandatory documents required by ISO 22301:2019 include: A list of legal, regulatory, and other requirements The scope of the BCMS and explanation of exclusions Business continuity policy Business continuity objectives Competencies of personnel