ISO 22301:2019 specifies the structure and requirements for implementing and maintaining a business continuity management system (BCMS) that develops business continuity appropriate to the amount and type of impact that the organization may or may not accept following a disruption.
The outcomes of maintaining a BCMS are shaped by the organization’s legal, regulatory, organizational and industry requirements, products and services provided, processes employed, size and structure of the organization, and the requirements of its interested parties.
The outcomes of maintaining a BCMS are shaped by the organization’s legal, regulatory, organizational and industry requirements, products and services provided, processes employed, size and structure of the organization, and the requirements of its interested parties.
A BCMS emphasizes the importance of:
- Understanding the organization’s needs and the necessity for establishing business continuity policies and objectives;
- Operating and maintaining processes, capabilities and response structures for ensuring the organization will survive disruptions;
- Monitoring and reviewing the performance and effectiveness of the BCMS;
- Continual improvement based on qualitative and quantitative measures.