This website uses cookies. View our cookie policy
United Kingdom
Select regional store:

Business Continuity, Disaster Recovery and ISO22301

What is business continuity management?

Business continuity management (BCM) is accepted as the most comprehensive approach to organisational resilience.

BCM involves managing risks to ensure that mission-critical functions continue to provide an acceptable level of service, even in the event of a major disaster.

Effective business continuity can be attained through the implementation of a business continuity management system (BCMS).


Speak to an expert

Please contact us for business continuity management advice or to speak to an expert.

Contact us


What is the purpose of business continuity management?

BCM involves planning for any potential disaster by identifying potential threats to an organisation and analysing their impact on the organisation’s day-to-day operations.

Effective BCM ensures the business is able to provide a minimum acceptable service in spite of a disaster, and helps preserve corporate reputation, image and revenue.

A growing body of legislation requires businesses in essential areas to implement effective business continuity arrangements. The UK Companies Act 2006 requires directors to “exercise reasonable care, skill and diligence” to mitigate risks facing the organisation.

Organisations operating in critical infrastructure industries will soon be required to implement BCM plans in line with the requirements of the NIS Directive.

The current cyber threat landscape has made business leaders more aware of the risks of cyber attacks and the importance of being able to respond to and recover from such attacks.

Effective BCM, based on international best-practice standards such as ISO 22301, can protect organisations from widespread business disruption in the event of a successful cyber attack.

Read about the benefits of effective BCM >>>


The business continuity management lifecycle

Effective BCM is centred around the stages of the BCM lifecycle, and involves identifying threats, performing business impact analysis (BIA), designing and implementing a business continuity plan, compiling documentation, measuring and testing effectiveness, and conducting maintenance and continual improvement work.


Business continuity planning

Business continuity planning (BCP) involves the processes and procedures for the development, testing and maintenance of business continuity plans that will enable an organisation to continue operating during and after a disaster. BCP is an essential element of a BCMS.

Plans typically detail how to manage incidents that affect all of the organisation's business-critical processes and activities, from failure of a single server all the way through to complete loss of a major facility. BCP is a response to an enterprise-level risk assessment. Best practice for BCP is set out in ISO/IEC 22301.


Disaster recovery planning

Disaster recovery planning (DRP) usually takes place within the BCP framework. Disaster recovery plans are often relatively technical and will focus on the recovery of specific operations, functions, sites, services or applications. A single business continuity plan might contain or refer to a number of disaster recovery plans. Best practice for disaster recovery is set out in ISO/IEC 22301.


ISO 27031 – ICT continuity best practice

ISO 27031 provides recommendations specifically for information and communications technology (ICT) continuity management within the overall business continuity framework provided by ISO 22301. ISO 27031 makes ISO 22301 relevant to information and communications technology but can also be used on a standalone basis should an organisation wish to tackle ICT continuity management specifically. Purchase the ISO 27031 standard here >>


Let’s get started on your business continuity management project

IT Governance has the widest range of affordable solutions that are easy to use and ready to deploy.


Business continuity management/ ISO 23301 resources


Speak to an expert

Please contact us for business continuity management advice or to speak to an expert.

Contact us