ISO 22301 Business Continuity Implementation
Analytix Business Continuity Management (BCM) consulting services assist organisations to establish or improve their BCM programmes.
Alignment with BCM Best Practice
These services are aimed to assist organisations to effectively develop and implement the requirements of the ISO/IEC 22301 standard, which may include a BCM policy, BCM strategies and BCM Plans.
Business Continuity Management System
We provide the technical expertise and project management capabilities needed to build an efficient Business Continuity Management System (BCMS) that safeguard the interests of key stakeholders, by managing to build resilience and the capability for effective responses to potential impacts that may threaten the organisation.
The scope and structure of a BCM programme can vary, and our effort expended will be tailored to the needs of your organisation, while we will ensure that the essential elements of a BCMS be established which is capable of:
- Proactively identifying the impacts of an operational disruption
- Putting in place an effective response to disruptions which minimises the impact on the organisation
- Maintaining an ability to manage uninsurable risks
- Encouraging cross-team working
- Demonstrating a credible response through a process of exercising
- Enhancing its reputation; and
- Gain a competitive advantage, conferred by the demonstrated ability to maintain delivery
Analytix’s approach to Business Continuity Management (BCM) is based on assisting organisations to adopt and embed a BCM lifecycle that comprises of the required BCM elements for establishinbg a Business Continuity Management programme.
This approach and methodology can be implemented by organisations of all sizes, in all sectors: public, private, non-profit, educational, manufacturing, etc.
Our BCM consultancy service includes assessing your current BCM environment, and developing the appropriate BCM plans, policies and procedures, in aligment with the requirements of the international BCM standard, ISO/IEC 22301. Following is a summary of our approach:
- Context of the organisation
- Internal and external needs.
- Scoping the Business Continuity Management System (BCMS)
- Interested parties.
- Legal, contractual and regulatory requirements.
- LeadershipThe business case for implementing a BCMS/ISO 22301.
- Establish a BCM policy.
- Defining and appointing the required people to implement and maintain the BCMS.
- Identifying risks to the implementation of the management system.
- Setting clear objectives and criteria that can be used to measure its success.
- Delivering the necessary training and skills development to your team in order to effectively contribute to the BCMS and respond to incidents.
- Communicate with your staff and customers about the benefits of the BCMS.
- Undertaking a business impact analysis.
- Understanding the risks to the business.
- Developing a business continuity strategy.
- Defining an incident response structure that includes roles, responsibilities and an escalation path.
- Creating incident management and business continuity plans that are appropriate to the organisation.
- Establishing an exercise programme to develop and test the capabilities of people and teams, contingency resources and communication channels.
- Establishing the appropriate performance measurement criteria.
- Developing an internal audit capability and plan.
- Reviewing business continuity procedures, plans and structures.
- Planning and executing a management review process.
- Defining actions to improve the BCMS over time and ensuring that corrective actions arising from audits, reviews, exercises are implemented.
- Establishing a process for identifying, recording and addressing non-conformities.
ISO 22301:2012 - Societal security -- Business continuity management systems --- Requirements
ISO 22301:2012 is an international business continuity management standard that is used to ensure that:
- An organisation's business operations continue and that products and services are delivered at predefined levels
- That brands and value-creating activities are protected, and
- That the reputations and interests of key stakeholders are safeguarded whenever disruptive incidents occur.
ISO 22301:2012 specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.
The requirements specified in ISO 22301:2012 are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.
Depending on the scope of work and terms of refererence, typical deliverables of an ISO/IEC 22301 programme implementation project may include:
- BCS project charter
- BCM terms of reference
- BCM Scope Statement
- BCM Policy
- BCM framework / Manual
- Corporate level BCM Strategy
- Process Level BC Strategy
- Resource Recovery Strategy
- Business Continuity Plan
- Incident Management Plan
- Project Management Plan
- BCM Training and Awareness
- At the end of the project, a detailed project closeout presentation with all the documentation, information and knowledge that have been created during the course of the project
Our ISO/IEC 22301 aligned Business Continuity Management consultancy delivers real business benefits:
- Brings a clear focus to your business continuity project, based on real-world experience
- Helps to ensure that you stay on track and within your budget
- Delivers a convincing business case for implementing a BCM/ISO 22301 project
- Helps you avoid common pitfalls and challenges during an implementation
- Introduces appropriate metrics that will clearly demonstrate your success
- Helps you to prepare for an ISO 22301 certification audit