ISO 22301, the international business continuity standard

Are you best prepared to respond to and recover from a disruptive incident?

Managing risks such as cyber attacks and natural disasters means organisations need effective business continuity management (BCM) plans to help them quickly recover from any event. 

The international standard ISO 22301:2019 provides a best-practice framework for implementing an optimised business continuity management system (BCMS), enabling you to minimise business disruption and continue operating in the event of an incident.

An ISO 22301-aligned BCMS will include disaster recovery and business continuity plans to help your organisation recover critical operations as quickly as possible.

What is a BCMS?

A BCMS is a framework for organisations to update, control and deploy an effective BCM programme that helps them prepare for, respond to and recover from disruptive incidents. Implementing a BCMS includes the development of business continuity plans, taking into account organisational contingencies and capabilities, as well as the organisation’s individual business needs. ISO 22301 provides the specification for a best-practice BCMS.

A BCMS helps organisations cope with incidents affecting all business-critical processes and activities, from the failure of a single server to the complete loss of a major facility.

Disaster recovery and BCMS

Disaster recovery plans are often formed within the context of a BCMS. They are relatively technical and will focus on the recovery of specific operations, functions, sites, services or applications.

Disaster recovery plans focus on returning an organisation to ‘business as usual’ after a disruptive incident and achieving total recovery, whereas business continuity management is about making sure the organisation can continue to function during a disruption.

Assess your BCM arrangements against ISO 22301

Get an accurate picture of how effective your organisation’s BCM arrangements are with our ISO 22301 Gap Analysis. Receive an expert assessment of how your business continuity plans and procedures align with the best practice outlined in ISO 22301, and ensure your organisation is fully prepared to recover from a disruptive incident.

Free paper: Business Continuity and ISO 22301 – Preparing for disruption

Download this paper to learn about the fundamental components of best-practice business continuity management, including risk assessment, BIA (business impact analysis) and BCPs (business continuity plans), and discover our nine-step approach to implementing an effective BCMS aligned to ISO 22301:2019.

How IT Governance can help you

  • We have helped more than 800 clients with management system implementation and certification projects around the world. 
  • We offer a wide range of BCM products and services, including books, training courses and documentation toolkits, to support your implementation journey. 
  • We take an integrated approach to compliance so we can align your BCMS with your needs for information security, quality management, etc. 
  • Our advice is always pragmatic, and we work according to your budget, time frame and organisational needs. No organisation or project is ever too big or small. 

Frequently asked questions (FAQs)

What is ISO 22301?

ISO 22301 is the international standard for business continuity management. It provides a framework for organisations to prepare for, respond to and recover from disruptive incidents.

What is ISO 22301 certification?

ISO 22301 certification is independent proof that an organisation’s business continuity management system meets the standard’s requirements.

How to get ISO 22301 certification?

To get certified, you must implement a BCMS aligned with ISO 22301, carry out internal audits and management reviews and undergo an external audit by an accredited certification body.

What is the latest version of ISO 22301?

The latest version is ISO 22301:2019, which updated and streamlined the requirements from the earlier 2012 edition.

What are the benefits of ISO 22301?

Benefits include improved organisational resilience, reduced downtime, compliance with regulatory and client requirements and enhanced reputation with stakeholders.

Is ISO 22301 a legal requirement?

ISO 22301 is not a legal requirement, but many regulators, clients and supply chains strongly encourage or require it as proof of business continuity capability.

How long does an ISO 22301 project take?

The timeframe depends on organisation size and complexity. Implementing ISO 22301 typically takes 6–12 months, though smaller organisations may take less time.

How do we maintain ISO 22301?

Maintaining ISO 22301 requires regular testing of business continuity plans, conducting audits, updating risk assessments and continual improvement of the BCMS.

Let’s get started on your business continuity management project

Browse our range of best-selling business continuity management products, services and solutions that are easy to use and ready to deploy.
