With the release of ISO 22301 in May 2012, it was recognised that there was a requirement for a global standard for business continuity management (BCM). Now for the first time, there is an International Standard for business continuity management.
Many people often comment on ISO 22301 but never mention the other members of the ISO 22300 family of standards (or the ‘forgotten children’ as I like to call them!). There are in fact seven published standards in the ISO 22300 family of standards (as of spring 2013).
Here is a list of the standards available in the ISO 22300 family that should be in any BCM professional’s library:
ISO 22300:2012 – Societal Security – Terminology – This standard provides common terminology for societal security and business continuity.
ISO 22301:2012 – Societal Security – Business Continuity Management Systems – Requirements – The International Standard for business continuity management systems. This standard lays out the requirements for a business continuity management system (BCMS) against which an organisation can gain certification.
ISO 22313:2012 – Societal Security – Business Continuity Management Systems – Guidance – ISO 22313 provides guidance on the planning, implementation and continual improvement of a BCMS.
ISO 22320:2011 – Societal Security – Emergency Management – Requirements for Incident Response – This standard focuses on incident response and how to organise the response at an organisational, local, national and international level to incidents.
ISO/PAS 22399:2007 – Societal Security – Guideline for Incident Preparedness and Operational Continuity Management – This ISO/PAS gives guidance on the principles and practice for incident preparedness and operational continuity of an organisation.
There are currently (as of spring 2013) eight other members of the ISO 22300 family of standards under development. The ones that are likely to be applicable to everyday businesses are:
ISO 22316 – Societal Security – Organizational Resilience – Principles and Guidelines – This standard, as in its title, will give guidance and share principles for organisational resilience.
ISO 22398 – Societal Security – Guidelines for Exercises – ISO 22398 is currently in the final stages of being published and should be released soon. It gives guidance on how to conduct business continuity exercises and testing.
If you have only procured a copy of ISO 22301 so far, there are so many other standards in the ISO 22300 family that could really benefit you.
Don’t forget the lost children!