Publication of ISO 22301, the new international standard for business continuity management
ISO has officially launched ISO 22301, “Societal security – Business continuity management systems – Requirements”, the new international standard for business continuity management. This standard will replace the current British standard BS25999. Continued operations in the event of a disruption, due to a major disaster, are a fundamental requirement for any organization. ISO 22301, the world’s first international standard for business continuity management (BCM), has been developed to help organization minimize the risk of such disruptions.
ISO 22301 formally specifies a set of requirements for implementing, operating and improving a BCM System (BCMS) leading to certification. The requirements specified in ISO 22301 are generic and intended to be applicable to all organizations (or parts thereof), regardless of type, size and nature of the organization. ISO 22301 emphasizes the importance of:
- Understanding the organization’s needs and the necessity for establishing business continuity management policy and objectives;
- Implementing and operating controls and measures for managing an organization’s overall capability to manage disruptive incidents;
- Monitoring and reviewing the performance and effectiveness of the BCMS; and
- Continual improvement based on objective measurement.
To develop the necessary expertise to support an organization in implementing and managing BCMS and auditing, PECB offers an ISO 22301 training program and ISO 22301 certification scheme for business continuity professionals. “The main purpose of our certification program is to provide confidence to business and industry that certified consultants and auditors are competent”, says Faton Aliu, Executive Vice President of PECB.
The ISO 22301 Lead Implementer certification is for professionals needing to provide guidance or implement a BCMS. The principal competencies and knowledge skills needed by the market are the ability to support an organization in implementing and managing a Business Continuity Management System as specified in ISO 22301: risk management, risk management plan, implementation, surveillance, re-examination and operation of a BCMS, continual improvement of BCMS, management’s commitment, follow-up and review.
The ISO 22301 Lead Auditor certification is a credential for professionals needing to audit a Business Continuity Management System and is able to manage a team of auditors. The ISO 22301 Foundation certification is a professional certification for professionals needing to have an overall understanding of the ISO 22301 standard and its requirements.