ISO 22301 for small businesses

It is not only large organizations that can be affected by unexpected disruptions.  Small companies face similar threats too.  No matter the size of your organization, the capability to respond effectively is more critical than ever before. That is why ISO 22301 business continuity management systems has been designed to help you manage the risks that threaten the smooth running of your business and ensure its survival in the event of a disruption.  And we can show you how.  


Shaping ISO 22301 for small businesses

Small businesses that implement ISO 22301 can improve their resilience in the same way as larger organizations. We know that you may have tighter budgets and less time and resources to put the necessary business continuity management processes in place. That is why we provide packages that are tailored to your business and the threats you face. We can customize your package to include only the services you need – removing the unnecessary cost and complexity of implementing ISO 22301.

We can help you identify essential business functions and the ways in which they could be impacted by incidents. Let us show you how to protect critical functions and minimize the impact of disruptions. You will see how ISO 22301 can put you in a better position when competing for new business and improve supply chain resilience. 



How to get certified to ISO/IEC 20000-1

  1. ISO/IEC 2000-1 Service Management system certification should be hassle-free. You’ll be appointed a BSI Client Manager, a trusted expert with relevant industry experience to your business, who can guide you through the process.

    The steps to ISO/IEC 20000-1 certification:

    1. ISO/IEC 20000-1 gap analysis

    An optional service which takes place before your assessment visits. We’ll take a closer look at your existing information security management system and compare it with the requirements of the ISO/IEC 20000-1 standard. It’s a really cost effective way to check if there are any areas you need to work on before we carry out a formal assessment.

    2. Formal assessment

    A two-stage process. First your BSI Client Manager will review your organization’s readiness for assessment by checking if the necessary ISO/IEC 20000-1 procedures and controls have been developed in your organization. We will share the details of our findings with you so that if we find gaps, you can close them. Next, if all the requirements are in place, we’ll assess the implementation of the procedures and controls within your organization to make sure that they are working effectively as required for certification of ISO/IEC 20000-1. 

    3. Certification and beyond

    When you achieve certification you’ll receive your BSI ISO/IEC 20000-1 certificate which is valid for three years. Your BSI Client Manager will visit you regularly to make sure your system doesn’t just remain compliant, but it continually improves and adds value to your organization.