This website uses cookies. View our cookie policy
United Kingdom
Select regional store:

ISO22301 (ISO 22301) Business Continuity Standard

ISO/IEC 22301:2012 sets out the requirements for a business continuity management system (BCMS), and is considered the only credible framework for effective business continuity management in the world.

Research shows that BCM can reduce the cost of a data breach, accelerate the time to identify a breach and reduce the likelihood of a repeat event.

By creating a BCMS aligned with ISO 22301, organisations ensure that they are best prepared for a disruptive incident.

Effective business continuity management means an organisation can resume operations and return to ‘business as usual’ as quickly as possible after a disruptive incident (for instance a cyber attack or power failure).

An ISO 22301-aligned BCMS will include disaster recovery plans that focus on the recovery of specific operations, functions, sites, services or applications.

Purchase a copy of ISO/IEC 22301:2012 here.


What is a business continuity management system (BCMS)?

A BCMS aligned to ISO 22301 is a management system that delivers a set of optimised controls that consist of preventative and corrective responses, enabling the business to mitigate its business continuity risks. Responses are based on regular, enterprise-wide risk- and business impact assessments.


What is the difference between a business continuity plan and a BCMS?

A BCMS is a comprehensive approach to organisational resilience. It enables organisations to update, control and deploy effective plans, taking into account organisational contingencies and capabilities, as well as the business needs (product- and service- requirements).


Business Continuity Management System

Based on analysis


Regularly tested


Requires regular review and management


Awareness organisation-wide, embedded in the culture and deployed throughout the business


Business Continuity Plan

Based on guesswork




Can become outdated


Lack of organisational awareness, deployed in a limited division of the organisation, and not part of the culture.



What are the benefits of business continuity management and ISO 22301?

Optimally recover from a potentially damaging and disruptive incident.


Protect your organisation’s turnover, profits and reputation due to improved resilience and preparedness.


Achieve regulatory and governance requirements where business continuity management is a necessity (e.g. Director’s Duties of the Companies Act, the UK Corporate Governance Code and the UK SRA Code of Conduct).


Reduce the cost of business interruption insurance cover based on actual analysis of your organisational risk exposure.


Receive independently audited assurance that your business has established the necessary measures to respond to a potential disaster.


Meet the demands of clients across the supply chain.


Read more about the advantages of ISO 22301 and business continuity management.


Business continuity management and disaster recovery

Effective business continuity management enables an organisation to rebound and recover from potentially catastrophic events (for instance a cyber attack or power failure), with minimal business disruption.


The business continuity management lifecycle

Implementing a BCMS aligned to ISO 22301 will include the following elements and supporting processes:

  • Scope the project and develop the business case
  • Get board commitment and secure the necessary budget
  • Develop internal competence
  • Undertake the development of documentation and documentation control
  • Establish roles and responsibilities
  • Undertake internal and external communications
  • Establish staff awareness programmes
  • Conduct a risk assessment
  • Undertake a business impact analysis (BIA)
  • Develop business continuity plans and strategy
  • Conduct BCM testing
  • Ongoing review and maintenance
  • Get certified


Let’s get started on your business continuity management project

IT Governance has the widest range of affordable solutions that are easy to use and ready to deploy.

Business continuity management/ ISO 23301 resources


Download free information on ISO 22301

Get further guidance on ISO 22301 and business continuity management with this free green paper.

Let's work together to get things moving

Whatever the nature or size of your problem, we are here to help. Click the button below to request a call. One of our experts will get in touch as soon as possible.


Speak to an expert

Please contact us for further information or to speak to an expert.

Contact us