Manage the worst with the best and most trusted ISO business continuity management standard available in the Middle East and Africa. According to ISO , business continuity plan is defined as “documented procedures that guide organizations to respond, recover, resume, and restore to a. ISO/IEC is an ICT-focused standard on business continuity.
|Published (Last):||16 July 2014|
Contingency planning and disaster recovery were largely information technology-led responses to natural disasters and terrorism that affected businesses during the s and early s. There was a growing recognition, however, that this needed to become a business-led process and encompass preparing for many forms of disruption. In light of this, the discipline became known as business continuity management (BCM). As governments and regulators began to recognize the role of business continuity in mitigating the effects of disruptive incidents on society, they increasingly sought to gain assurance that key players had appropriate business continuity arrangements in place.
Similarly, businesses recognized their dependence on each other and sought assurance that key suppliers and partners would continue to provide key products and services, even when incidents occurred. In the UK, BS was introduced to provide a management systems standard to which organizations could obtain accredited certification for the first time.
The new standard is the result of significant global interest, cooperation and input. ISO is a management systems standard for BCM which can be used by organizations of all sizes and types. These organizations will be able to obtain accredited certification against this standard and so demonstrate to legislators, regulators, customers, prospective customers and other interested parties that they are adhering to good practice in BCM.
ISO also enables the business continuity manager to show top management that a recognized standard has been achieved. While ISO may be used for certification and therefore includes rather short and concise requirements describing the central elements of BCM, a more extensive guidance standard ISO is being developed to provide greater detail on each requirement in ISO. ISO may also be used within an organization to measure itself against good practice, and by auditors wishing to report to management.
The influence of the standard will therefore be much greater than those who simply choose to be certified against the standard.
This technical committee develops standards for the protection of society from, and in response to, incidents, emergencies and disasters caused by intentional and unintentional human acts, natural hazards and technical failures. Its all-hazards perspective covers adaptive, proactive and reactive strategies in all phases before, during and after a disruptive incident.
The area of societal security is multi-disciplinary and involves actors from both the public and private sectors. The committee has previously published the following standards and other documents:. At the time, many experts argued that their own national standard was best suited to be developed into an International Standard. As this was clearly no way forward, all the major players were gathered to identify the similarities between the standards.
A challenge with ISO has been the large number of national documents on the subject, which has caused difficulties in gaining agreement.
The committee was then ready to create a management system standard with requirements and intended for certification. Input from the national standards was used to develop the initial draft wordings and gradually refined to become a new document bringing together good practice from around the world.
Many others contributed to its development, showing the truly international interest and input involved. ISO is the second published management systems standard that has adopted the new high-level structure and standardized text agreed in ISO.
The standard is divided into 10 main clauses, starting with scope, normative references, and terms and definitions. ISO emphasizes the need for a well-defined incident response structure.
This ensures that when incidents occur, responses are escalated in a timely manner and people are empowered to take the necessary actions to be effective.
Life safety is emphasized and a particular point is made that the organization must communicate with external parties who may be affected, for instance if an incident poses a noxious or explosive risk to surrounding public areas.
The requirements for business continuity plans are laid out in Clause 8, too. Quickly understood, user-focused documents are more suitable than the large, unwieldy documents suited to auditors. Smaller plans are therefore more likely to be needed than one large plan.
A requirement not previously addressed in business continuity standards is the need to plan for a return to normal business. This simple requirement belies considered thought, as organizations must determine what to do once the initial emergency has been addressed. The final subsection of Clause 8 covers exercises and tests, a key part of BCM. Tests are where some element of the business continuity arrangements is demonstrated to work (a pass) or not (a fail).
For instance, it is possible to test if the generator will run by switching it on. An exercise may include tests, but is generally a more nuanced approach that simulates some aspect of responding to an incident.
This will usually include elements of training and building awareness of how to handle disruptive incidents with difficult and unusual characteristics, as well as finding out if processes work as expected.
Exercises and tests are busienss in ISO. To work well, ISO will need organizations to have thoroughly understood its requirements. Every line and word has meaning and the relative importance is not necessarily reflected by the number of words devoted to a topic.
He is an experienced consultant in business continuity, ICT continuity and crisis management.
Later, at Siemens, he developed and led a business continuity consultancy.