Getting started with ISO 22301 Business Continuity Management

Expect the unexpected and plan for it with an ISO 22301 Business Continuity Management System (BCMS). Discover how you can adapt the standard to your organization to manage the risks that threaten the smooth running of your business and ensure its survival in the event of a disruption.


What is ISO 22301 Business Continuity Management?

ISO 22301 is the international standard for business continuity management, and builds on the success of British Standard BS 25999 and other regional standards. It’s designed to protect your business from potential disruption.  This includes extreme weather, fire, flood, natural disaster, theft, IT outage, staff illness or terrorist attack. The ISO 22301 management system lets you identify threats relevant to your business and the critical business functions they could impact. And it allows you to put plans in place ahead of time to ensure your business doesn’t come to a standstill. 


What are the benefits of ISO 22301 business continuity management?

  • Identify and manage current and future threats to your business
  • Take a proactive approach to minimizing the impact of incidents
  • Keep critical functions up and running during times of crises
  • Minimize downtime during incidents and improve recovery time
  • Demonstrate resilience to customers, suppliers and for tender requests

Training courses to get you started in ISO 22301

The ISO 22301 business continuity standard can be applied to organizations of all sizes, across all sectors. And our training is designed for all levels of experience.


How to get certified to ISO/IEC 20000-1

  1. ISO/IEC 2000-1 Service Management system certification should be hassle-free. You’ll be appointed a BSI Client Manager, a trusted expert with relevant industry experience to your business, who can guide you through the process.

    The steps to ISO/IEC 20000-1 certification:

    1. ISO/IEC 20000-1 gap analysis

    An optional service which takes place before your assessment visits. We’ll take a closer look at your existing information security management system and compare it with the requirements of the ISO/IEC 20000-1 standard. It’s a really cost effective way to check if there are any areas you need to work on before we carry out a formal assessment.

    2. Formal assessment

    A two-stage process. First your BSI Client Manager will review your organization’s readiness for assessment by checking if the necessary ISO/IEC 20000-1 procedures and controls have been developed in your organization. We will share the details of our findings with you so that if we find gaps, you can close them. Next, if all the requirements are in place, we’ll assess the implementation of the procedures and controls within your organization to make sure that they are working effectively as required for certification of ISO/IEC 20000-1. 

    3. Certification and beyond

    When you achieve certification you’ll receive your BSI ISO/IEC 20000-1 certificate which is valid for three years. Your BSI Client Manager will visit you regularly to make sure your system doesn’t just remain compliant, but it continually improves and adds value to your organization.