Featured Product
This Week in Quality Digest Live
Standards Features
Grant Ramaley
FDA seeks to align Part 820 with ISO 13485:2016; why that may not be enough.
MSMEs are encouraged to uphold the highest standards
Steven Brown
21st-century standard candles at NIST
Kath Lockett
ISO standard for the cleaning, inspection, repair of firefighter PPE

More Features

Standards News
Demonstrating a commitment to keeping people safe and organizations running
Making the new material freely available to testing laboratories and manufacturers worldwide
Run compliance checks against products in seconds
Aug. 25, 2022, at 3:00 p.m. Eastern
Could be used for basic performance information on raw materials used in the most common 3D printers
Now is not the time to skip critical factory audits and supply chain assessments
Google Docs collaboration, more efficient management of quality deviations
Program inspires leaders to consider systems perspective for continuous improvement and innovation

More News



ISO Publishes New Standard for Business Continuity Management

ISO 22301:2012—“Societal security—Business continuity management systems—Requirements”

Published: Wednesday, June 6, 2012 - 11:53

The International Organization for Standardization (ISO) has published an international standard addressing business continuity management to help organizations in both public and private sectors become more resilient.

ISO 22301:2012—“Societal security—Business continuity management systems—Requirements” will help organizations, regardless of their size, location, or activity, to be better prepared and more confident to handle disruption of any type.

Incidents can disrupt an organization at any time, and applying ISO 22301 will ensure that organizations can respond and continue their operations. Incidents take many forms ranging from large-scale natural disasters and acts of terror to technology-related accidents and environmental incidents. However, most incidents are small but can have a significant effect, which makes business continuity management relevant at all times.

ISO 22301 provides a framework to plan, establish, implement, operate, monitor, review, maintain, and continually improve a business continuity management system (BCMS). It is expected to help organizations protect against, prepare for, respond to, and recover when disruptive incidents arise.

“Organizations implementing ISO 22301 will be able to demonstrate to legislators, regulators, customers, prospective customers, and other interested parties that they are adhering to good practices in business continuity management,” says Stefan Tangen, secretary of the ISO technical committee that developed the standard. “It may also be used within an organization to measure itself against good practices, and by auditors wishing to report to management.”

ISO 22301 will assist organizations in the design of a business continuity management system that is appropriate to its needs and meets its stakeholders’ requirements. These needs are shaped by legal, regulatory, organizational, and industry factors; the organization’s products and services; its size and structure; its processes; and its stakeholders.

“To work well, ISO 22301 will need organizations to have thoroughly understood its requirements,” explains Dave Austin, the project leader of the group responsible for writing ISO 22301. “Rather than being simply about a project or developing ‘a plan,’ business continuity management is an ongoing management process requiring competent people working with appropriate support and structures that will perform when needed.”

ISO 22301 is the first published standard that is aligned with the new ISO format for writing management systems standards. This will ease understanding and ensure consistency with other management systems, such as ISO 9001 (quality management), ISO 14001 (environmental management) and ISO/IEC 27001 (information security management).

ISO 22301 may be used for third-party certification as well as for self-assessment. To help users get the best out of the standard, it includes short and concise requirements describing the central elements of business continuity management.

Given the role of business continuity in every sector, ISO 22301 has worldwide potential. So far, numerous countries have started to adopt ISO 22301, including Singapore and the United Kingdom, to replace their existing national standards. There is already interest from businesses around the world that want to measure against the good practices and obtain certification to this standard.

ISO 22301 is part of a series of standards developed by ISO technical committee ISO/TC 223—Societal security. For example, an additional document is under development called ISO 22313, which is expected to be published early next year. This companion standard contains guidance for implementing ISO 22301.

ISO 22301:2012—“Societal security—Business continuity management systems—Requirementsis available from ISO national member institutes (see the complete list with contact details). It may also be obtained directly from the ISO Store.


About The Author

ISO’s picture


The International Organization for Standardization (ISO) is the world’s largest developer and publisher of international standards. ISO is a network of the national standards institutes of 162 countries, one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system. ISO is a nongovernmental organization that forms a bridge between the public and private sectors. ISO enables a consensus to be reached on solutions that meet both the requirements of business and the broader needs of society. View the ISO Standards list.