Key elements of a business continuity policy
Clause 5.3 of the Standard states that organisations must “establish a business continuity policy”.
The policy needs to reflect your organisation’s view on business continuity and must:
- Be appropriate to the purpose of the organisation;
- Provide the framework for setting business continuity objectives;
- Include a commitment to satisfy applicable legal, regulatory or contractual business continuity management (BCM) requirements; and
- Contain a commitment to continually improve your business continuity management system (BCMS).
The business continuity policy needs to be communicated within your organisation and be available to any interested parties as documented information. It also needs to be reviewed at defined intervals and when significant changes occur.
Help creating a business continuity policy template
The business continuity policy is one of the most important documents in your BCMS.
However, knowing where to start when compiling it can be difficult, especially in large or complex organisations where there may be many business continuity objectives and requirements.
Below is an example of a customisable business continuity policy template extracted from the bestselling ISO 22301 BCMS Documentation Toolkit.
Designed and developed by experienced business continuity consultants, the ISO 22301 BCMS Documentation Toolkit includes:
- A complete set of easy-to-use, customisable and fully ISO 22301-compliant documentation templates that will save you time and money;
- Helpful dashboards and gap analysis tools to ensure complete coverage of the Standard; and
- Direction and guidance from experienced business continuity consultants.