The international standard for business continuity management systems has been updated. Replacing the 2012 version, ISO 22301:2019 ‘Security and resilience - Business continuity management systems - Requirements’ was developed by the ISO ISO/TC 292 Security and Resilience Technical Committee, and helps organisations protect against, prepare for, respond to, and recover when disruptive incidents arise.

The main differences between the two are:
- Changes and additions in ISO’s requirements for management system standards since 2012 have been updated and included;
- Requirements have been clarified, but no new requirements have been added;
- Clause 8 includes the majority of the discipline-specific business continuity requirements
- Clause 8 has been re-organised, offering a clearer understanding of the main requirements; and
- Various discipline-specific business continuity terms have been altered to improve clarity and to align with current thinking.

Convenor of the ISO group of experts that developed the standard, James Crask, said: “Recovering quickly from a business disruption requires a deep understanding of what is important to an organisation, easy-to-follow response plans and staff that know their role in an incident.

“ISO 22301 helps organisations do all of that, thereby providing reassurance to their clients, suppliers, regulators and other stakeholders that they are not only prepared for disruption, but in shape for the future.”

Share Story: