For those planning training sessions or candidates intending to take an online exam during this period, we will be offering online exam sessions on December 27 and 29, as well as January 5, 2024. You can check the link to online exam events here .
An online learning platform offering expert-led video capsules and certificate programs to unlock a world of knowledge.
A gathering of professionals and experts who discuss on the latest trends and topics
An authentic source of information and inspiration
Online store for ISO and IEC standards, Toolkits, eBooks, etc.
- / Training & Certification
- / ISO 22301
ISO 22301 Business Continuity Management System - Training Courses
What is iso 22301.
ISO 22301, the international standard for business continuity management systems (BCMSs), is a comprehensive framework designed to enable organizations to effectively prepare for, respond to, and recover from unexpected incidents. By implementing a BCMS, organizations can detect and mitigate threats, as well as ensure uninterrupted operations. ISO 22301’s inclusive requirements are suitable for organizations of all types, sizes, and complexities, allowing them to adapt the standard to their unique operating environments. ISO 22301 is particularly advantageous for organizations seeking to ensure compliance with their business continuity policies, maintain service delivery during disruptions, and strengthen overall resilience through effective BCMS implementation.
ISO 22301 serves both as a protective measure and an evaluative tool. It helps organizations assess their capability to meet specific business continuity needs and obligations, thus ensuring long-term operational stability.
ISO 22301 Requirements and Structure
Why is Business Continuity important for you?
The numerous challenges and uncertainties in today’s business landscape, increase the importance of a resilient business continuity management system. Compliance with ISO 22301 stands as a crucial benchmark for organizations across various sectors, helping them to enhance their ability to handle disruptions, minimize risks, and safeguard critical operations. Adhering to the ISO 22301 standard enables organizations to fortify their response to incidents, ultimately elevating their overall operational security.
Certified ISO 22301 professionals will be able to demonstrate their profound knowledge of the standard’s requirements and effective implementation strategies and expertise in guiding organizations through business continuity management. With this certification, you will be well-prepared to lead teams in effectively managing disruptions, implementing robust controls, and ensuring compliance with ISO 22301, ultimately strengthening their ability to thrive in the face of adversity.
Benefits of ISO 22301 Business Continuity Management training
An ISO 22301 certification offers numerous advantages, including:
- A deep understanding of how a BCMS can align with and support your organization’s objectives
- The expertise to lead and manage a team in effectively implementing the BCMS based on ISO 22301
- The acquisition of skills to identify risks and minimize the impact of incidents, which is crucial for safeguarding business operations
- Ability to improve the recovery time of critical functions, making organizations more resilient
- A professional reputation that demonstrates your commitment to excellence and best practices in business continuity, resulting in increased customer reliability and trust
- International recognition which enhances your career prospects and credibility on a global scale
How do I get started with ISO 22301 training?
Our training courses are designed to meet the needs of professionals in the field of business continuity. A PECB certification reflects safety, reliability, and exceptional quality. If you are eager to join a global network and elevate your expertise, our dedicated experts are here to assist you every step of the way.
Contact us to begin with the first step .
PECB Certified ISO 22301 Training Courses available
Learn more about business continuity management systems by attending the PECB ISO 22301 training courses. Below you can find the training course that best suits you.
aaa PECB Certified ISO 22301 Foundation– Training, Examination, and Certification
- ISO 22301 Foundation
Become familiar with the best practices of business continuity management system based on ISO 22301
aaa PECB Certified ISO 22301 Lead Implementer– Training, Examination, and Certification
- ISO 22301 Lead Implementer
Master the implementation and management of business continuity management systems based on ISO 22301
aaa PECB Certified ISO 22301 Lead Auditor- Training, Examination, and Certification
- ISO 22301 Lead Auditor
Master the audit of business continuity management systems based on ISO 22301
aaa PECB Certified ISO 22301 Transition – Training, Examination, and Certification
- ISO 22301:2019 Transition
Become acquainted with the differences between ISO 22301:2012 and ISO 22301:2019
Book your seat
Check the dates and book now.
SUBSCRIBE TO OUR NEWSLETTER
Training & Certification
- Ethical Hacking
- Training Course Catalog
- Attributed Territories
- Exam Rules and Policies
- Online Exam Manual
- Invigilator Guide
- Candidate Handbooks
- Certification Rules and Policies
- Certification Maintenance
- Certificate Verification
- Master Credentials
- Leadership, Committees and Advisory Boards
- PECB Code of Ethics
Terms, Conditions, and Policies | Privacy Statement
© 2024 Professional Evaluation and Certification Board. All rights reserved.
Official website of the Cybersecurity and Infrastructure Security Agency
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
- Education & Training
- NICCS Education & Training Catalog
- Certified Information Security
#Certified ISO 22301 Business Continuity Manager (ISO 22301 CBCM)
- Online, Instructor-Led
- Online, Self-Paced
This is the expert-level business continuity management certification. This certification maps to all ISO 22301 competence requirements. Building upon the foundation understanding of the Business Continuity Management System (BCMS) platform validated by the Certified Business Continuity Strategist credential, the Certified Business Continuity Manager (CBCM) attests to your ability to develop the necessary incident management plans (IMPs) and response procedures necessary to fulfill the strategic objectives that have already been finalized. The CBCM also certifies that you have the necessary knowledge and skills to properly administrate the deployment, testing, and maintenance of IMPs and response procedures.
CBCM certification ensures that you are qualified to develop strategic objectives including, but not limited to: ✅ determine and guide the selection of alternative business recovery operating strategies for continuation of business within recovery time and/or recovery point objectives, while maintaining the organization's critical functions; ✅ deliver solutions for continuation of business within the recovery time and/or recovery point objectives, whilst maintaining the organization's critical functions; ✅ develop, coordinate, and evaluate plans and procedures to communicate with internal stakeholders during incidents; ✅ provide post-incident support and guidance for employees and their families Upon completion of this training and certificate program, you will also: ✅ expand your risk management and business continuity competency in line with internationally recognized standards of best practice; ✅ increase your credibility through gaining international recognition; and ✅ improve your résumé and help to increase your earning potential.
- Collect and Operate
- Operate and Maintain
- Oversee and Govern
- Protect and Defend
You are using an outdated browser. Please upgrade your browser or activate Google Chrome Frame to improve your experience.
BCI Emergency & Crisis Communications Report 2024
The BCI is pleased to launch the 10th edition of its Emergency and Crisis Communications Report
BCAW+R Call for Content
The call for content for our annual Business Continuity & Resilience Awareness Week is open, get involved by contributing a case study and/or presenting a webinar!
BCI Word Hybrid 2024 PAG
Planning is now well underway for BCI World Hybrid 2024 conference … and we need you!
CBCI Refresher Course
Bridge the knowledge gap between the GPG 2018 and GPG 7.0
The BCI has partnered with PushFar to provide a career progression and professional mentoring software platform.
Leading the Way to Resilience
Join other business continuity professionals and resilience thought-leaders.
What is The BCI?
The BCI is the global membership association of choice for business continuity and resilience professionals. With 9,000 members in more than 120 countries, we provide education, training & certification, membership, thought leadership, events, and more. Find out more about what the BCI can do for you by following the links below…
Looking to become a Member? Learn more here
Learn more about our training courses here.
Explore our reports & content here.
View all upcoming events here
Through the excellence of our renowned education & training courses, our global network of BCI Members , the strength of our relationships , and the extensive foresight of our thought leadership , together with our members we work to build a world where organizations are resilient .
Never heard of business continuity before? Click here to learn all you need to know…
BCI Southern Africa Chapter: committee updates announced
BCI Mentoring showcase: Jayne Romanczuk MBCI
Training and exercising of crisis communications plans at a record high as organizations tackle the challenges of new working environments
- Press Release
Operational resilience - are you ready?
BCI Emergency & Crisis Communications Report 2024 Americas Launch
BCI Emergency & Crisis Communications Report 2024 APAC Launch
BCI Emergency & Crisis Communications Report 2024 EMEA Launch
BCI Emergency & Crisis Communications Regional Outlook 2024 Europe
- Research Report
BCI Emergency & Crisis Communications Regional Outlook 2024 Latin America & The Caribbean
BCI Emergency & Crisis Communications Regional Outlook 2024 Africa
BCI Emergency & Crisis Communications Regional Outlook 2024 Asia
BCI Emergency & Crisis Communications Regional Outlook 2024 Middle East
Preparing for DORA: Automating ICT Risk Management for Operational Resilience
GPG Edition 7.0 - PP1 – Establishing a business continuity management system
BCI Portugal Chapter Virtual Meeting
Masterclass: ISO 22301 Business Continuity Management Systems
A masterclass is a five-day advanced training course that will give you a deeper understanding of management systems.
By developing this expertise, you’ll be better equipped to implement the more challenging technical aspects of a management system standard or discipline. You’ll also have the competence to improve an existing management system by evaluating the effectiveness of its implementation.
The masterclass explores key clause requirements, concepts and principles - as well as related standards and guidance.
This masterclass will provide you with the knowledge and skills to implement, maintain and improve the more technical aspects of a business continuity management (BCM) system.
Using short presentations, discussions, self-reflection and classroom activities, this masterclass will delve into deeper technical areas, requirements and concepts than would be covered in an on ISO 22301:2019 Lead Implementer training course.
An expert BSI tutor will be on hand to facilitate discussions, draw insights and experiences among the class. This will bring to life the concepts for designing and maintaining a BCM to safeguard your organization. It will enable you to maximize the applicability of your learning from the masterclass to your workplace.
The masterclass will cover the context of the organization and integration with business processes, along with the consideration of a wide variety of associated guidance and related standards.
Unexpected disruptions can have significant impact on the continuity of core processes of organizations, thus on their ability to provide products and services. In today’s fast changing world, where competition is getting tougher, organizations are seeking ways to survive and prosper from unexpected disruptions.
Our ISO 22301:2019 masterclass is designed for business continuity professionals seeking to develop in their business continuity journey. Critical processes will be explored, especially under clause 8 operation of the ISO 22301 standard
How will you benefit?
This masterclass will help you to:
- Gain an understanding of effective business continuity management throughout an organization, and therefore how to continue the critical services during or after disruptions
- Understand how to maintain and improve a robust BCMS in alignment with ISO 22301:2019
- Learn the good practice techniques contained in a BCMS in alignment with templates produced on these practices
- Gain hands on experience and learn about different perspectives on managing a BCMS
- Gain a deeper understanding on how to establish critical business continuity processes and to implement business impact analysis (BIA) in alignment with ISO 22313 (Societal security - Guidance on global best practice to organizations implementing an effective Business Continuity Management System (BCMS) and ISO 22317 (Guidelines for business impact analysis (BIA)) guidance standards
- Maintain, improve and manage a BCMS
- Create the framework for your own BCMS
- Explore different perspectives of managing a BCMS which can lead to increased effectiveness and efficiency
You’ll have the knowledge to:
- Explain business continuity (BC), ISO 22301:2019 requirements and related standards
- Discuss legal and regulatory requirements, process categorization and BCMS scope
- Describe business impact analysis (BIA)
- Explain recovery time objectives (RTO), maximum tolerable period of disruption (MTPD), and prioritization
- Identify, analyze and evaluate BC risks in alignment with guidance standards
- Define requirements of BC plans and procedures
- Communicate the importance of exercising and develop an exercise programme
- Determine metrics and KPIs and evaluate performance of a BCMS
You’ll have the skills to:
- Determine and monitor legal and regulatory requirements
- Categorize processes and determine the scope of a BCMS
- Establish a BC risk management process
- Establish and implement a BIA process
- Determine BC strategies and solutions for prioritized processes
- Review and establish BC processes, procedures and business continuity plans (BCP)
- Evaluate BC documentation and capabilities and establish performance metrics
This masterclass is for anyone involved in the detailed technical management and improvement of a BCMS based on ISO 22301:2019. It is suitable for many roles including:
- Business continuity or enterprise risk managers and professionals who are seeking to gain new perspectives in BCMS practices
- Consultants who have desire to take their business continuity knowledge to an advanced level
- Business continuity management system practitioners
- Crisis management team members
- Incident and emergency response team members
- Disaster recovery team members
- Anyone working within business continuity
Please note: If you’re more interested in the process of implementation, you will find our Implementation course more appropriate. If you’re leading an implementation team and want to learn about the requirements, process and project management aspects of the implementation of a BCMS, our Lead Implementer course is more suitable.
- Detailed course notes
- On completion, you’ll be awarded an internationally recognized BSI Training Academy certificate.
Let's shape your organization's future together
Reach out and see how we can help guide you on your path to sustainable operational success.
ISO 22301 – The Business Continuity Management Standard, Simplified
See how ISMS.online can help your business
The ISO 22301 business continuity management standard helps organisations identify and prioritise threats. It allows them to implement their business continuity management system effectively so they are ready to respond to and recover from incidents with the least disruption to business.
Jump to topic
What is iso 22301, and why do you need it.
In a world where cyberattacks, data breaches and natural disasters can interrupt business continuity and quickly damage reputation, organisations and businesses need to implement, maintain and keep refining their business continuity management system (BCMS). ISO 22301 certification of their continuity management ensures they are doing so.
ISO 22301 helps organisations identify and prioritise threats. It allows them to implement their business continuity management system effectively so they are ready to respond to and recover from incidents with the least disruption to business.
Studies have shown that almost 1 in 5 organisations experience significant business disruptions every year. Therefore, a robust and resilient organisation is one that can change with the times, has an understanding of where its vulnerabilities are and have plans in place to mitigate risk as well as respond if it needs to do so. Compliance or certification to ISO 22301 business continuity management allows your organisation to achieve all of the above in a straightforward and structured manner.
The latest version of the standard
On 31 October 2019 the latest version of the ISO 22301 standard was published – ISO 22301:2019. This is a revised version of ISO 22301:2012. It aims to make the standard “more streamlined and practical”, according to the ISO. According to the United Kingdom Accreditation Service (UKAS), companies will be able to transition from ISO 22301:2012 to ISO 22301:2019 up until 30 April 2023. The deadline was, as an exception, extended due to the Covid-19 situation. The 2019 version has been generally well received and transitions from old to new versions of the standard are seen as a not overly onerous value adding exercise.
You can find the ISO 22301 business continuity management standard documentation on the official ISO website .
ISO 22301:2019 provides businesses with the most up-to-date security and resilience certification to be sure their business continuity management systems meet the international standard, set out by the ISO.
The Relationship With ISO 22301:2012
There’s not a radical difference between ISO 22301:2012 and ISO 22301:2019. Both versions necessitate senior management involvement, and the updated model reflects on what is required to sustain a successful BCMS.
That sustainability becomes much more comfortable with a technology-based business continuity management systems such as ISMS.online.
ISO 22301:2012 was published in May 2012 and amended in June of the same year. The management system requirements established in ISO 22301 business continuity management had meant to extend to all organisations. The degree to which the criteria becomes implemented depends on the operating environment and the scope of the organisation, similar to how one would develop their range for other management system standards like ISO 27001.
While several concepts and terminology of business continuity management have been revised to expand context and reflect established procedures, Clause 8; Operation, is the main area where changes have occurred.
ISMS.online offers ISO 22301 business continuity management frameworks within its packaged services. That means organisations who wish to migrate their existing business continuity management systems can, as well as those embarking on ISO 22301 for the first time.
What is Business Continuity Management?
If your company was affected by a catastrophe or a crisis, would your business be able to continue? When incidents and natural disasters strike, there is little time to prepare a response structure, particularly when the key people, processes, networks, infrastructure and other essential services get disrupted.
A disaster has no bounds. It could impact your business continuity internally and externally, affecting your customers and the supply chain too. Whether you are a small or a large business, you can face impact. The primary purpose of business continuity management is to reduce the likelihood of threats and guarantee that the company reacts to significant disturbances that could endanger its future.
Business continuity management is about responsible and effective leadership. It should provide a foundation for developing resilience to incidents as well as the ability to respond successfully, safeguarding the interests of your key stakeholders, reputation, and value-creating operations of your company.
A business continuity strategy with a documented management system should ensure that workers are mindful of their roles and responsibilities. In the case of an unexpected occurrence, it is essential to be able to adapt to established processes and approved procedures.
Business continuity plans within ISMS.online
Many of our customers develop simple yet effective business continuity plans within ISMS.online for meeting ISO 27001 and protecting their valuable information assets. Other customers take that even further with ISO 22301 and introduce more sophisticated resilience planning and prevention, as well as response mechanisms to incidents.
The benefits of Business Continuity Management
Business continuity management helps organisations reduce the likelihood and impact of disruption and downtime, protect assets if something does go wrong, continue operating through the disruption, and recover as quickly as possible from any incidents that do occur. Having business continuity plans in place will help your organisation in the following ways:
Comply with legal requirements
ISO 22301 is used for legal and regulatory certification of continuity management, ensuring all the required elements of a business continuity management system are being met.
Achieve marketing advantage
Brand reputation is precious for any organisation and should be protected at all costs. With a continuity management system, it’s possible to build customer confidence and trust, reducing the likelihood of a PR disaster that could damage relationships with stakeholders including customers, clients and suppliers.
Reduce dependence on individuals
Through planning, training, awareness programmes and testing, everyone in an organisation should understand what is expected of them. This breeds confidence that the business continuity plans will deliver in the event of a disruption.
Prevent large-scale damage
It’s vital to keep your business trading during and after an incident. By recovering business operations quickly after interruptions, it’s possible to reduce the cost of damaging incidents, protect the organisation’s reputation and even save lives, if dangerous events, such as fire or flooding, occur.
Mishaps and unplanned events vary in scale, speed and impact, possibly only hitting a single department or location. Identifying and planning for possible smaller-scale issues that could escalate into major operational difficulties for the entire organisation will keep the wheels turning.
Manage all your compliance in one place
ISMS.online supports over 100 standards and regulations, giving you a single platform for all your compliance needs.
Business Continuity Risk
Business continuity management using a well-documented management system helps you to identify better and reduce the likelihood of disruptive incidents or address business continuity risks. Business continuity management leads to the growth of a more stable environment, although companies with no successful business continuity management systems will increase chances significantly. A well-developed, organised and rehearsed Business Continuity Plan (BCP) can help the business rebound from an incident as quickly as possible.
All of your procedures must be up-to-date, accurate and efficient. Methods include but are not limited to corporate risk assessments, information security risk reviews, and addressing your health and safety policies, as well as your continuity management plan.
Examples of business continuity risks include:
- Cyberattacks and data breaches
- Unplanned IT and telecom outages
- Interruption to utility supply
- Adverse weather and other environmental causes
- Pandemics and epidemics
- Acts of terrorism
- Security incidents
- Loss of key personnel
- Physical property destruction or material loss
Business continuity management details the steps you need to take in an emergency in the form of a Disaster Recovery Plan (DRP). A Disaster Recovery Plan is a documented, organised business continuity strategy that demonstrates how to respond to disruptive incidents.
The Disaster Recovery Plan begins its formation following a more detailed business impact analysis, which helps demonstrate where the most significant impact and consequences are from an event. ISMS.online gives you the tools you need to manage your business impact analysis, disaster recovery plans, and much more using information technology.
Your DRP should include a short-term arrangement to fix and rebuild critical business systems, and a plan to address problems such as root cause identification and a long-term prevention approach. There are many options available to ensure that an organisation has a setup with a contingency system that provides the best solution.
For example, the on-site recovery system would ensure that data can be retrieved more efficiently with data backups and other means. Your prevention measures should also protect from potential server failure and consider the risk of external contractors. You would then build contingency plans and alternative business continuity strategies for the absence of supplies that are vital to business operations long before they even become a disaster recovery issue.
What is a BCMS?
A business continuity management system, put very simply, is a recognised approach for ensuring an organisation can continue business operations and respond effectively to disruptive incidents.
ISO 22301 provides a constant and established method of business impact analysis with a framework based on recognised good practice. Anyone implementing and achieving certification for an ISO 22301 based business continuity management system will find instant recognition and understanding from influential customers, including educated experts, auditors and other interested parties.
When based on ISO 22301, ISO itself emphasises the importance of business continuity management systems:
- Showing the organisation understands the needs and necessity for a stated business continuity policy and objectives
- Implementation and execution of processes, incident response mechanisms and other interventions to ensure the organisation survives a disruption
- Monitoring and continuous improvement of the business continuity management system
Demonstrating good practice for business continuity management
Following ISO 22301 as a basis for your BCMS will provide proof that the company has taken the necessary steps to meet regulatory requirements in addition to the recognised good practices.
A best practice in business continuity incorporates the lifecycle of business continuity management as you can make it possible to maximise the efficiency and quality of your business continuity management systems. ISO 22301 provides a framework regarding international best practices on the well-understood concept of Plan/Do/Check/Act. This concept applies to organisations that implement, maintain and improve their business continuity management systems, which seeks to ensure compliance with the stated policy on business continuity.
With a business continuity management system based on the requirements of ISO 22301, both internal and external interested parties can be made aware that the organisation operates with good practices in business continuity management.
Disaster recovery and BCMS
In developing effective business continuity plans, an organisation will be well-placed to implement practices that reduce the likelihood of incidents and damage to the organisation. Not only this, but effective business continuity plans help you better understand your organisation and run it more effectively.
ISO guidance helps organisations identify and manage compliance, typically using a series of procedures, policies, process diagrams or similar. This guidance helps them plan for and rebound from disruptions in their business activities. However, it’s still better to avoid them entirely, although that is not always possible or feasible financially or technically. It is also essential to clarify priorities if an incident occurs, for example: what is the goal of recovery time? What is the highest endurable downtime? You can use the answer to these questions to prepare your disaster recovery plan. Speed of recovery must be a consideration. An ISO 22301-aligned business continuity management system will include disaster recovery and effective business continuity plans to help your company recover your critical operations as rapidly as possible.
BCMS and cyber-resilience
Implementing a business continuity management system (BCMS) is imperative to developing cyber resilience in today’s cyber security environment. Part of the ISO 27001 Information Security Standard contains a clause about business continuity – ISO 22301 more than satisfies this ISO 27001 requirement.
Cyberattacks routinely have hit the headlines in the last decade. For instance, the infamous global WannaCry ransomware attack in May 2017 left a trail of devastation as organisations were denied access to their own data and forced to halt business operations until large ransoms were paid.
Such incidents demonstrate the importance of ensuring your business can respond to and recover from disruptions, by implementing an effective business continuity management system (BCMS).
The benefits of ISO 22301
There are many advantages of ISO 22301, including returning the organisation to ‘business as usual’ with minimal disruption from any crisis.
Having the ability to continue business operations regardless of any minor or major incident taking place is becoming increasingly important to businesses in all sectors. A Business Continuity Management System (BCMS) allows a company to plan for these incidents. This leads to greater competitiveness and decreases the amount of operational down time a business will have, should the unexpected occur.
ISO 22301 gives businesses and organisations the ability to respond appropriately in the event of disruptive incidents and avoid waste or unnecessary loss. Through proactively assessing the effect of the disruption, business continuity management recognises the products and services that are essential to the organisation’s survival. It seeks to determine what solutions and contingency planning will be required if an incident was to occur.
Compliance with ISO 22301 helps with meet the requirements of corporate governance. Essentially the standard can provide evidence that the organisation has taken the necessary steps to comply with regulatory requirements that call for an effective business continuity management programme.
Crisis Management (CM) refers to the overall coordination of an organisation’s response to a crisis, in an effective, timely manner. For those responsible for handling crisis management, the goal is to avoid or at least minimise damage to the organisation’s profitability, reputation, or ability to operate. Meeting the ISO 22301 standard confirms the appropriate measures are in place for this to happen.
Disaster recovery activities concentrate on returning the organisation to “business as usual” after a traumatic event and putting it on track towards complete recovery. It’s important to recognise that this is different from business continuity management, which is about ensuring that the enterprise can continue to reduce the likelihood of natural disasters and function during a crisis.
Protection of reputation in a crisis
ISO 22301 certification shows stakeholders that your business continuity capability is appropriate for the scale and scope of your organisation. Like ISO 27001, it engenders more trust, especially when certified by an independent certification body. It aids your understanding of business needs by identifying potential failures and risks. Businesses can then demonstrate to stakeholders, consumers, vendors and regulators, that they have a robust business continuity management system and processes in place.ISO 22301 will also increase stakeholder trust in the organisation’s ability to respond to disruptive incidents and events, and to sustain critical business processes should a catastrophe occur.
Preparation for technology failures
From telecommunications breakdown to loss of access to stored data, technology failures can be hugely damaging to an organisations profitability and reputation. ISO 22301 ensure all measurements are in place to mitigate such disruption and ensure all departments are prepared for the worst-case scenario.
Reduce business interruption insurance costs
With a BCMS in place that conforms with ISO 22301, an organisation has more meaningful insights into the impacts of a potential disaster. This enables the business to better evaluate the type and value of insurance cover it requires, potentially reducing costs in the long term.
Plan for the sudden loss of critical resources
It follows that if there is proactive identification of the impact of disruption, an organisation will be a strong position to maintain business continuity. Business continuity management systems help to establish what responses will be needed if a disruption occurs and ISO 22301 further provides the capability to adequately react in case of any such disruption.
How does ISO 22301 work?
ISO 22301 works by setting out how to build a management system that helps an organisation to plan for any type of incident that might affect its ability to operate effectively.
This standard provides a framework for an organisation to define responsibilities and makes it possible to assess and review business continuity performance over time. With ISO 22301 you can create the documents necessary to provide auditable evidence of contingency capabilities, as part of ongoing compliance requirements.
Performance assessment, audits and continual improvement are central to the management system standard set out by ISO 22301:2012 and ISO 22301:2019.
Who can implement ISO 22301?
The ISO/IEC 22301 BCMS standard extends to organisations of all sizes, across all markets and all experience levels. Implementing ISO 22301 business continuity management includes reviewing operational structures to identify potential shortfalls and allowing the organisation to concentrate on its goals and business continuity objectives.
The business needs of the implementation project are specific to the company implementing the standard and ISMS.online makes that straightforward. There’s no need to concentrate on ‘how’ you’ll implement and manage ISO 22301, you can simply focus on the activities within the standard and focus on ‘what’ you need to do for prevention and cure.
How to Implement ISO 22301?
When you implement ISO 22301 business continuity management, the first simple step is to think about addressing the primary requirements of the standard. This starting point will encourage you to take a strategic approach (hence why leadership is so important) and set the context, the scope, as well as develop a stated business continuity policy and objectives of the business continuity management systems.
Developing a business continuity policy will help identify your areas of risk and opportunity. From here, you can consider the impacts of those risks and what it might mean for consequences and the time to failure, recovery etc. Doing so will help you discover any holes or shortcomings in your current ISO management systems standards requirements. You will also identify and provide practical suggestions for improving them. ISO describes this as business continuity strategies and solutions.
Get help with implementation
ISMS.online has partners that can help with your ISO 22301 implementation, from achieving a pragmatic and straightforward business continuity management systems approach to a highly sophisticated BCMS.
Book a demo today to explore available options
Once you’ve completed your implementation, it is essential to undertake regular audits of the business continuity management system. Internal audits are mandatory for achieving independent certification of the BCMS too. Performance reviews also complement internal audits to make sure that your management systems are operating as expected at all times.
The ISO auditor would also expect to see a record of improvements your organisation has made over time. Having a method for addressing nonconformities, corrective actions and other enhancements is a crucial requirement.
Getting started with ISO 22301
We encourage organisations to buy the ISO international standard and digest that to understand the ISO management system standards requirements fully. We recommend starting at the beginning (4.1 understanding the organisation and its context) and avoid jumping into developing incident response plans until you’ve considered the scope, risks and impacts.
ISMS.online is also pre-configured with a range of tools that helps follow the process easier and means you retain a focus on the business. It also maps into the more comprehensive tools and features set for ISO 27001, meaning you can also achieve many of the ISO 22301 management systems requirements. You will be able to manage tasks like audits, performance reviews, management meetings, staff education etc. all at the same time.
You will reduce costs, simplify learning for staff and make the administration of the broader business management system that much more comfortable too. External auditors also find that much more effective and take great confidence when they see consistent operating practices across the ISO standards.
Compliance doesn’t have to be complicated.
We've done the hard work for you, giving you an 81% Headstart from the moment you log on. All you have to do is fill in the blanks.
The ISO 22301 framework
Here we summarise the framework that is set out in ISO 22301:
The ISO 22301 framework is for all types and sizes of organisations that implement, maintain and improve a BCMS. It should be adopted as a strategic intent by any business that wants to conform with stated business continuity policy and is committed to enhancing resilience through the effective application of the business continuity management systems.
Fundamentally, business continuity management systems planning begins with assessing and determining the risks and opportunities regarding business continuity management. The organisation must also establish business continuity objectives for the relevant functions and levels. These objectives must be monitored, clearly communicated, and updated as appropriate.
In every industry, it’s vital that the management team can demonstrate leadership and commitment to the BCMS. This can be achieved by ‘ensuring the business continuity policy and business continuity objectives are established and are compatible with the strategic direction of the organisation’ says ISO. Leadership should use communication channels to show its people and partners the importance of effective business continuity and of conforming to the business continuity management systems requirements. The leadership strategy must also promote continual improvement and development of a culture of business continuity.
Business continuity strategy relies on operational processes being in place for incident preparedness and incident response across all functions of the business. That means establishing criteria for the processes and implementing control of the processes in line with agreed criteria. From having in place a media and communication strategy to tightly managing site risk in the aftermath of disruptive incidents, disaster recovery is reliant on continuity plans. A crucial step is keeping documented information for the purpose of proving that processes and BC testing have been carried out as planned and improved where needed.
- Performance evaluation
Performance assessment means a great deal can be learnt from incidents taking place. By monitoring successes and limitations, knowledge builds up. Interested parties have a responsibility to keep records, and use the results of audits to help them make the right decisions about how to manage business disruptions going ahead. By establishing an audit programme the organisation can ensure that any necessary corrective actions are taken. The aim is to eliminate detected nonconformities and their causes.
Continual improvement is central to the documented management system standard set out by ISO 22301. Any revisions and improvements to the way the BCMS is managed will enhance the business continuity management plan over time.
ISO 22301 policies and procedures
Policies and procedures for an ISO 22301 business continuity management compliance project must be carefully managed.
An organisation must demonstrate compliance with the ISO business continuity standard by providing appropriate documentation. This includes a scope, a detailed business continuity policy, a formal risk assessment procedure and business continuity plans that show how the organisation will respond to and recover from disruption.
- Terms and definitions
The standard talks in detail about security and resilience. It uses a wide range of either specialist technical terms, or common terms that have a specific meaning in a security and resilience context.
To help you understand them, it includes definitions of the 31 most important ones. It also points you towards “ISO 22301 Security and Resilience – Vocabulary”, which lists and defines almost 300 security and resilience terms.
There are some associated guideline documents that add more detail to the requirements in ISO 22301. Some of these are listed inside ISO 27001, standout guides are:
ISO 22313 – Guidance on the use of ISO 22301 ISO 22317 – Guidelines for Business Impact Analysis (BIA) If you need to understand a term that isn’t listed here, you should check in ISO 22301 to see what it means.
You can also find terms and definitions online.
ISO and IEC maintain terminological databases for use in standardisation at the following addresses:
- ISO Online browsing platform
- IEC Electropedia
Understanding these terms is very important. For those who are not already expert in this field, they can be a little difficult to get to grips with.
If you choose to work with us we’ll make sure you understand them. We explain them in our own support materials, and if you need more targeted help we can either answer your questions ourselves or find the right independent partner to work with you.
Auditing & Compliance
An audit is an evidence gathering process with the purpose of evaluating how well key criteria are being met. Audits must be objective, impartial, and independent, and the audit process must be both systematic and documented.
Internal audits are a mandatory part of a certified BCMS. In addition, the chosen certification body will undertake periodic ‘external’ audits in order to firstly certify the BCMS and then ensure it remains compliant to the standard. It’s also possible to carry out combined audits. This is when two or more documented management systems of different disciplines are audited together at the same time. An ISO auditor will expect to see a record of improvements your organisation has made over time. Having a method for addressing nonconformities, corrective actions and other enhancements are crucial requirements.
The importance of testing the BC arrangements
There are various ways to test the documented arrangements and plans contained in the BCMS. Examples include tabletop exercises, full or part-scale exercises and also harnessing learning from real events. ISO 22301 mandates these processes happen regularly as appropriate to your organization’s activities and risk profile.
Having achieved certification, you need to put in place a maintenance plan to ensure continued compliance to the ISO 22301 standard. At ISMS.online we have particular expertise in this.
We also understand that continuous improvement is an important part of maintaining an ISO 22301 certification. Clause 10 focuses on this, covering all actions taken within an organisation to:
Deliver business continuity goals more effectively Increase the reliability of security procedures and controls Create increased security benefits for the organisation and its stakeholders
ISO 22301 Requirements
ISO 22301:2019 implements the framework, fundamental text and definitions of Annex L, formerly Annex SL. Annex L establishes a high-level framework for ISO management system standards. The Annex was drawn up to incorporate a similar core text and common terminology and concepts.
Except for Clause 8, the Annex L requirements address many of the same areas as the core requirements of ISO 27001, covered in Section 4.1 through to 10.2.
- ISO 22301: The Business Continuity Standard
- Clause 1 – Scope
- Clause 2 – Normative references
- Clause 3 – Terms and definitions
- Clause 4 – Context of the Organization
- Clause 6 – Planning
- Clause 7 – Support
- Clause 8 – Operations
- Clause 9 – Performance Evaluation
- Clause 10 – Improvement
What is ISO 22301?
ISO 22301:2012 was the first version of this standard and was revised to ISO 22301:2019 on 31 October 2019. ISO 22301:2019 is also the first ISO standard to implement Annex L, from ISO/IEC Directive 1, which offers a common foundation for all new ISO management system standards.
Why is ISO 22301 Important?
- retaining essential functions in times of crisis
- demonstrating resilience to consumers, suppliers and tender requests
- detecting and handling current and potential risks to your business
- taking a proactive approach to mitigating the effect of disruptive incidents
If well done, it is possible to implement ISO 22301 and business continuity management while adopting other management system standards.
What is a Business Continuity Management System (BCMS)?
- demonstrate the company recognises the importance and requirements of business continuity policies and objectives
- introduce and execute procedures for incident management strategies and other measures to ensure that the organisation effectively manages and recovers from a disruption
- track and continuously improve the business continuity system
Using a BCMS compliant with ISO 22301 communicates to stakeholders that your business continuity capability is acceptable for your organisation’s size and scope.
What are business continuity risks?
Business continuity management using a well-documented management system helps you to identify better and reduce the likelihood of disruptive incidents or address business continuity risks. Business continuity management leads to the growth of a more stable environment, although companies with no successful business continuity systems will increase chances significantly.
A well-developed, organised and regularly-reviewed Business Continuity Plan (BCP) can help the business or organisation rebound from an incident as quickly as possible.
It’s essential for procedures to be up-to-date, accurate and efficient. Methods include but are not limited to corporate risk assessments, information security risk reviews, and addressing your health and safety policies, as well as your continuity management plan.
Are you prepared to respond to and recover from a disruptive incident?
To manage such risks, organisations need effective business continuity management plans to help them quickly recover from any event.
Organisations that invest in business continuity management systems reduce the likelihood of damage to revenues and reputations when emergencies arise.
What is an ISO 22301 certificate?
The ISO 22301 standard has a ‘high-level structure’, shared with other ISO management systems standards. This creates a consistency which can help organisations integrate several management systems to meet their business continuity needs.
What is business continuity management ISO 22301?
How many key clauses are there in iso 22301.
- Normative references
What is the latest version of ISO 22301?
You can find the ISO 22301:2019 standard documentation on the official ISO website here: https://www.iso.org/standard/75106.html
Why Choose ISMS.online?
ISMS.online provides a comprehensive and intuitive range of Business Continuity Management tools to help you plan for the unexpected, and then respond accordingly. Our BCM tools allow you to put all of your work relevant to ISO 22301 and Business Continuity Management System (BCMS) together. Additionally, you can easily combine ISO 22301 and ISO 27001 with ISMS.online, and obtain certification for both in our powerful all-in-one platform.
complete compliance solution
Want to explore start your free trial..
Sign up for your free trial today and get hands on with all the compliance features that ISMS.online has to offer
ISMS.online launches Mobile Policy Packs. Click here to find out more
Technology and Management Training Courses and Seminars
Call Us Today: +1-972-665-9786
ISO 22301 Business Continuity Management System (BCMS)
ISO 22301 Business Continuity Management System Training by Tonex
ISO 22301 Business Continuity Management System (BCMS) Training by Tonex is a comprehensive course that covers the essential concepts and practices of business continuity management. The course is designed to help you understand the importance of BCMS, the requirements of ISO 22301, and how to implement a successful BCMS in your organization.
The course is delivered by experienced trainers who are experts in business continuity management. The trainers will use a variety of teaching methods, including lectures, case studies, and exercises, to help you learn the material.
The Tonex ISO 22301 BCMS Training course is designed for a wide range of audiences, including:
- Business continuity managers
- IT managers
- Risk managers
- Compliance officers
- Quality managers
- Security professionals
- Anyone who is responsible for ensuring the continuity of their organization’s operations
- Define business continuity management and explain its importance
- Describe the requirements of ISO 22301
- Conduct a risk assessment and identify the risks that could disrupt your organization’s operations
- Perform business impact analysis and identify the critical activities that must be maintained during a disruption
- Develop continuity plans for the critical activities identified in your business impact analysis
- Respond to incidents and recover from disruptions
- Test and maintain your BCMS to ensure that it is effective
- Introduction to business continuity management
- The importance of business continuity management
- The history of business continuity management
- The business case for business continuity management
- The benefits of business continuity management
- The requirements of ISO 22301
- The scope of ISO 22301
- The structure of ISO 22301
- The key concepts of ISO 22301
- The process approach of ISO 22301
- Risk assessment and management
- The purpose of risk assessment
- The steps in risk assessment
- The types of risks
- The risk assessment matrix
- Risk treatment
- Business impact analysis
- The purpose of business impact analysis
- The steps in business impact analysis
- The business impact analysis matrix
- The critical activities
- The recovery time objectives
- Continuity planning
- The purpose of continuity planning
- The steps in continuity planning
- The continuity planning process
- The continuity plans
- Incident response
- The purpose of incident response
- The steps in incident response
- The incident response plan
- The incident management team
- Testing and maintenance
- The purpose of testing and maintenance
- The types of tests
- The maintenance process
- The continuous improvement process
Request More Information
Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.
* Indicates required fields
- Name * First Last
- Country Code USA +1 ALB +355 ALG +213 ASA +1-684 AND +376 ANG +244 AIA +1-264 ROS +672 ATG +1-268 ARG +54 ARM +374 ARU +297 AUS +61 AUT +43 AZE +994 BAH +1-242 BHR +973 BAN +880 BRB +1-246 BLR +375 BEL +32 BLZ +501 BEN +229 BER +1-441 BHU +975 BOL +591 ANT +599 BIH +387 BOT +267 BRA +55 VGB +1-284 BRU +673 BUL +359 BFA +226 BDI +257 CPV +238 CAM +855 CMR +237 CAN +1 CAY +1-345 CTA +236 CHA +235 CHI +56 CHN +86 HKG +852 MAC +853 CXR +61 CCK +61 COL +57 COM +269 CGO +242 COK +682 CRC +506 CRO +385 CUB +53 CYP +357 CZE +420 CIV +225 PRK +850 COD +243 DEN +45 DJI +253 DMA +1-767 DOM +1-809 ECU +593 EGY +20 SLV +503 EQG +240 ERI +291 EST +372 SWZ +268 ETH +251 FLK +500 FRO +298 FIJ +679 FIN +358 FRA +33 GUF +594 TAH +689 GAB +241 GAM +220 GEO +995 GER +49 GHA +233 GBZ +350 GRE +30 GRL +299 GRN +1-473 GLP +590 GUM +1-671 GUA +502 GBG +44 GUI +224 GNB +245 GUY +592 HAI +509 VAT +39-06 HON +504 HUN +36 ISL +354 IND +91 IDN +62 IRN +98 IRQ +964 IRL +353 GBM +44 ISR +972 ITA +39 JAM +1-876 JPN +81 GBJ +44 JOR +962 KAZ +7 KEN +254 KIR +686 KUW +965 KGZ +996 LAO +856 LVA +371 LIB +961 LES +266 LBR +231 LBY +218 LIE +423 LTU +370 LUX +352 MAD +261 MWI +265 MAS +60 MDV +960 MLI +223 MLT +356 MHL +692 MTQ +596 MTN +222 MRI +230 MYT +262 MEX +52 FSM +691 MON +377 MNG +976 MNE +382 MSR +1-664 MAR +212 MOZ +258 MDA (+373) MYA +95 NAM +264 NRU +674 NEP +977 NED +31 NCL +687 NZL +64 NCA +505 NIG +227 NGA +234 NIU +683 NFK +672 NMI +1-670 NOR +47 OMA +968 PAK +92 PLW +680 PAN +507 PNG +675 PAR +595 PER +51 PHI +63 PCN +870 POL +48 POR +351 PUR +1 QAT +974 KOR +82 MDA +373 ROU +40 RUS +7 RWA +250 REU +262 SHN +290 SKN +1-869 LCA +1-758 SPM +508 VIN +1-784 SAM +685 SMR +378 STP +239 KSA +966 SEN +221 SRB +381 SEY +248 SLE +232 SIN +65 SVK +421 SVN +386 SOL +677 SOM +252 RSA +27 ESP +34 SRI +94 PLE +970 SUD +249 SUR +597 SWE +46 SUI +41 SYR +963 TJK +992 THA +66 MKD +389 TLS +670 TOG +228 TKL +690 TGA +676 TRI +1-868 TUN +216 TUR +90 TKM +993 TCA +1-649 TUV +688 UGA +256 UKR +380 UAE +971 ENG,NIR,SCO,WAL +44 TAN +255 VIR +1-340 URU +598 UZB +998 VAN +678 VEN +58 VIE +84 WLF +681 SAH +212 YEM +967 ZAM +260 ZIM +263 ALD +358
- Company Name *
- Title / Position
- Location City State / Province / Region Afghanistan Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo, Democratic Republic of the Congo, Republic of the Cook Islands Costa Rica Croatia Cuba Curaçao Cyprus Czech Republic Côte d'Ivoire Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Eswatini (Swaziland) Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati Kuwait Kyrgyzstan Lao People's Democratic Republic Latvia Lebanon Lesotho Liberia Libya Liechtenstein Lithuania Luxembourg Macau Macedonia Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island North Korea Northern Mariana Islands Norway Oman Pakistan Palau Palestine, State of Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Romania Russia Rwanda Réunion Saint Barthélemy Saint Helena Saint Kitts and Nevis Saint Lucia Saint Martin Saint Pierre and Miquelon Saint Vincent and the Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Sint Maarten Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia South Korea South Sudan Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Islands Sweden Switzerland Syria Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu US Minor Outlying Islands Uganda Ukraine United Arab Emirates United Kingdom United States Uruguay Uzbekistan Vanuatu Venezuela Vietnam Virgin Islands, British Virgin Islands, U.S. Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Åland Islands Country
- Your Request:
- How did you learn about Tonex Training?
- Comments This field is for validation purposes and should be left unchanged.
Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible. * Indicates required fields Name * First Last Email * Country Code USA +1 ALB +355 ALG +213 ASA +1-684 AND +376 ANG +244 AIA +1-264 ROS +672 ATG +1-268 ARG +54 ARM +374 ARU +297 AUS +61 AUT +43 AZE +994 BAH +1-242 BHR +973 BAN +880 BRB +1-246 BLR +375 BEL +32 BLZ +501 BEN +229 BER +1-441 BHU +975 BOL +591 ANT +599 BIH +387 BOT +267 BRA +55 VGB +1-284 BRU +673 BUL +359 BFA +226 BDI +257 CPV +238 CAM +855 CMR +237 CAN +1 CAY +1-345 CTA +236 CHA +235 CHI +56 CHN +86 HKG +852 MAC +853 CXR +61 CCK +61 COL +57 COM +269 CGO +242 COK +682 CRC +506 CRO +385 CUB +53 CYP +357 CZE +420 CIV +225 PRK +850 COD +243 DEN +45 DJI +253 DMA +1-767 DOM +1-809 ECU +593 EGY +20 SLV +503 EQG +240 ERI +291 EST +372 SWZ +268 ETH +251 FLK +500 FRO +298 FIJ +679 FIN +358 FRA +33 GUF +594 TAH +689 GAB +241 GAM +220 GEO +995 GER +49 GHA +233 GBZ +350 GRE +30 GRL +299 GRN +1-473 GLP +590 GUM +1-671 GUA +502 GBG +44 GUI +224 GNB +245 GUY +592 HAI +509 VAT +39-06 HON +504 HUN +36 ISL +354 IND +91 IDN +62 IRN +98 IRQ +964 IRL +353 GBM +44 ISR +972 ITA +39 JAM +1-876 JPN +81 GBJ +44 JOR +962 KAZ +7 KEN +254 KIR +686 KUW +965 KGZ +996 LAO +856 LVA +371 LIB +961 LES +266 LBR +231 LBY +218 LIE +423 LTU +370 LUX +352 MAD +261 MWI +265 MAS +60 MDV +960 MLI +223 MLT +356 MHL +692 MTQ +596 MTN +222 MRI +230 MYT +262 MEX +52 FSM +691 MON +377 MNG +976 MNE +382 MSR +1-664 MAR +212 MOZ +258 MDA (+373) MYA +95 NAM +264 NRU +674 NEP +977 NED +31 NCL +687 NZL +64 NCA +505 NIG +227 NGA +234 NIU +683 NFK +672 NMI +1-670 NOR +47 OMA +968 PAK +92 PLW +680 PAN +507 PNG +675 PAR +595 PER +51 PHI +63 PCN +870 POL +48 POR +351 PUR +1 QAT +974 KOR +82 MDA +373 ROU +40 RUS +7 RWA +250 REU +262 SHN +290 SKN +1-869 LCA +1-758 SPM +508 VIN +1-784 SAM +685 SMR +378 STP +239 KSA +966 SEN +221 SRB +381 SEY +248 SLE +232 SIN +65 SVK +421 SVN +386 SOL +677 SOM +252 RSA +27 ESP +34 SRI +94 PLE +970 SUD +249 SUR +597 SWE +46 SUI +41 SYR +963 TJK +992 THA +66 MKD +389 TLS +670 TOG +228 TKL +690 TGA +676 TRI +1-868 TUN +216 TUR +90 TKM +993 TCA +1-649 TUV +688 UGA +256 UKR +380 UAE +971 ENG,NIR,SCO,WAL +44 TAN +255 VIR +1-340 URU +598 UZB +998 VAN +678 VEN +58 VIE +84 WLF +681 SAH +212 YEM +967 ZAM +260 ZIM +263 ALD +358 Phone Company Name * Title / Position Location City State / Province / Region Afghanistan Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo, Democratic Republic of the Congo, Republic of the Cook Islands Costa Rica Croatia Cuba Curaçao Cyprus Czech Republic Côte d'Ivoire Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Eswatini (Swaziland) Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati Kuwait Kyrgyzstan Lao People's Democratic Republic Latvia Lebanon Lesotho Liberia Libya Liechtenstein Lithuania Luxembourg Macau Macedonia Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island North Korea Northern Mariana Islands Norway Oman Pakistan Palau Palestine, State of Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Romania Russia Rwanda Réunion Saint Barthélemy Saint Helena Saint Kitts and Nevis Saint Lucia Saint Martin Saint Pierre and Miquelon Saint Vincent and the Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Sint Maarten Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia South Korea South Sudan Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Islands Sweden Switzerland Syria Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu US Minor Outlying Islands Uganda Ukraine United Arab Emirates United Kingdom United States Uruguay Uzbekistan Vanuatu Venezuela Vietnam Virgin Islands, British Virgin Islands, U.S. Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Åland Islands Country Training Information for: * Individual Group Your Request: Please send me more information about ISO 22301 Business Continuity Management System (BCMS) How did you learn about Tonex Training? CAPTCHA Comments This field is for validation purposes and should be left unchanged. Δ document.getElementById( "ak_js_2" ).setAttribute( "value", ( new Date() ).getTime() );
- Aerospace & Defense Engineering
- Cybersecurity Training
- Wireless Training
- Systems Engineering Training
- RF Training
- IT and Technology Courses
- Leadership (for the Digital Era)
- Enterprise Architecture Training
- Telecom Training
- Software Engineering
- IP Networking Training
- Link 16 Systems Engineering
- Space Academy
- AI (Artificial Intelligence)
- Advanced Science
- Defense Engineering
- Space Engineering
Business continuity management, iso 22301:2019 is the international standard for business continuity management systems., iso 22301: business continuity management systems.
NOTE: ISO 22301 IS IN A TRANSITION PERIOD , THE DEADLINE IS 30th APRIL 2023. FOR CLIENT GUIDANCE AND TOOLS TO SUPPORT YOU DURING THIS TRANSITION PLEASE CLICK HERE .
What Is ISO 22301?
In the event of an emergency, many businesses and organizations must have the ability to mitigate damage and continue operating. ISO 22301 is the international standard for Business Continuity Management (BCM). Published by the International Organization for Standardization, ISO 22301 is designed to help organizations prevent, prepare for, respond to and recover from unexpected and disruptive incidents. To do so, the standard provides a practical framework for setting up and managing an effective business continuity management system. ISO 22301 aims to safeguard an organization from a wide range of potential threats and disruptions.
This standard may be right for your organization if you need to demonstrate to stakeholders that your organization can rapidly overcome operational disruption to provide continued and effective service.
Around the world, many countries have legislation in place to define the emergency planning responsibilities of organizations. Those responsibilities often include the implementation of Business Continuity Management. As a result, ISO 22301 certification should be considered essential to any organization legally required to engage in contingency planning, including utilities, transport, health and essential public services. Whether you need to implement the standard to remain in compliance with industry regulations or not, pursuing ISO 22301 certification can help your organization develop resiliency and improve risk management.
“The rigour of a certified management system has sped up the process and ensured that we have been able to deliver what our clients need: an uninterrupted service.” E.L.F.S ISO 22301 has seen an 82.9% increase in worldwide certificates in 2020, showing the growth and importance of UKAS accredited certification in recent times. Statistics straight from the most recent ISO Survey . Looking to implement an ISO 22301 management system? Not sure where to start? Take a look at our ISO 22301 Implementation Guide here .
What is ISO 22301 and How To Get ISO 22301 Certification
Helps you with
- Operational resilience
- Emergency preparedness
- Corporate governance
- Crisis management
- Disaster recovery
- Supply chain security
- Protection of reputation in a crisis
- Preparation for technology failures
- Plan for sudden loss of critical resources
- Preparation for other emergency situations
Benefits of ISO 22301 Certification
Deliver products that consistently meet customer requirements and a service that is dependable and can be relied on.
Avoid downtime and financial losses with effective management of risk, emergency preparedness and contingency planning.
Understand how statutory and regulatory requirements impact your organization and its customers.
Improved risk management
Greater consistency and traceability of products and services means problems are easier to avoid and rectify.
Proven business credentials
Independent verification against a globally recognized industry standard speaks volumes.
Ability to win more business
Procurement specifications often require certification as a condition to supply, so certification opens doors.
Global recognition as a reputable supplier
Certification is recognized internationally and accepted throughout industry supply chains, setting industry benchmarks for sourcing suppliers.
Changing industry landscape and expectations
All organizations might be subject to disruptions; this may include technology failure, flooding, utility disruption, fire or terrorist attack. The standard is available to any organization (or its parts) regardless of their size, scope or complexity, that wishes to manage their overall business risks and develop the capability to plan for, and respond to, incidents and business disruptions. The consequences of unexpected business disruptions may be far-reaching and might involve loss of life, loss of assets or income, or the inability to deliver products and services on which the organization's survival might depend. By proactive identification of the impact of disruption, BCM identifies those products and services that are crucial for the organization's existence, and helps to establish what responses will be needed if a disruption occurs. ISO 22301 further provides the capability to adequately react in case of disruption.
NQA and ISO 22301 certification
With a wealth of experience providing accredited management systems certifications, NQA is ideally placed to partner with you to meet customer requirements and exceed industry expectations.
- NQA, USA issued the first-ever PS-Prep certification in 2012.
- NQA,USA is the only Certification Body to offer the full suite of ISO and PS-Prep BCMS certifications including: ASIS SPC.1, ISO 22301 and NFPA 1600
Technical committees and industry relationships. NQA is highly involved in a wide variety of industry committees and standards writing teams, helping us to maintain a keen awareness of changes within this industry. NQA, USA is an active participant and recognized leader in the DHS PS-Prep and IAF BCMS working groups (convened by ANAB).
Knowledge transfer supporting our customer’s organizational strategy . NQA is committed to ensuring customer awareness regarding changes in industry strategy, regulations, and standard requirements that may impact your management system approach.
Steps to Certification
Complete a Quote Request Form so that we can understand your company and requirements. You can do this by completing either the online quick quote or the online formal quote request form. We will use this information to accurately define your scope of assessment and provide you with a proposal for certification.
Once you’ve agreed to your proposal, we will contact you to book your assessment with an NQA Auditor. This assessment consists of two mandatory visits that form the Initial Certification Audit. Please note that you must be able to demonstrate that your management system has been fully operational for a minimum of three months and has been subject to a management review and full cycle of internal audits.
Following a successful two stage audit, a certification decision is made and if positive, then certification to the required standard is issued by NQA. You will receive both a hard and soft copy of the certificate. Certification is valid for three years and is maintained through a program of annual surveillance audits and a three yearly recertification audit.
Risk Management Toolkit
ISO 22301 Transition Gap Guide
ISO 22301 Checklist
ISO 22301 Transition Timeline
Annex SL Comparison Tool
Download Certification Logos
ISO 27001 Implementation Guide
Ready to start your journey?
This site is part of the Informa Connect Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.
- Informa Connect Academy
- Audit, Risk & Governance
- Customised Training
- Relevant Courses
- Our Faculty
- About CPD UK
Certificate in ISO 22301:2019 - Business Continuity Management Systems
Enhance the risk management framework with an efficient response and recovery strategy – build business resilience and capabilities to effectively operate during disruptions and crises.
Sign Up for Our Professional Business Continuity Management Training
Gain a thorough understanding of iso 22301:2019 and its importance for business continuation.
Efficient Business Continuity Management Systems (BCMS) are not a choice for organisations. They are a primary condition for achieving good governance, an effort to protect the value of the organisation, and an obligation towards the employees, customers, business partners, shareholders and stakeholders. ISO 22301:2019 sets the requirements for robust business continuity management systems that allow organisations to have an efficient response and recovery strategy, successfully treat their risks and outline the steps necessary to operate in the wake of sudden and severe changes.
Benefits Of Attending
- Gain a thorough understanding of the ISO 22301:2019 requirements and its importance for business continuation
- Acquire key concepts in order to implement and maintain a business continuity management system (BCMS)
- Conduct a review of your company’s existing continuity management system
Run this course in-house
For over 29 years, Informa Connect Academy’s customised training solutions have helped organisations deliver tailored learning in different languages to suit every requirement.
Bespoke training designed for your organisation only, combining traditional classroom setting, blended and online learning models
Is this course for you?
Who Should Attend
- Senior Management
- Internal and External Auditors
- Audit Committee Members
Delegates can earn up to 6 CPEs Program level: Advanced
LEARN MORE ABOUT THIS TRAINING COURSE
Delivered by Afroditi
Afroditi's extensive senior management experience spans GCC and European government-owned enterprises
Certified by CPD UK
The CPD Certification Service is an independent accreditation centre working across all sectors, disciplines and further learning applications and supports policies of institutional and professional organisations globally.
For over 29 years, Informa Connect Academy’s customised training solutions have helped organisations deliver tailored learning in different languages to suit every requirement
Would you like more information?
Bosnia and Herzegovina
United Arab Emirates
- jobs and career
- press and media
- Testing & Assessment
- Certification & Auditing
- Training & Qualification
- Inspection & Supervision
- Consulting & Project Management
- World Site / EN
- Mastering Risk & Compliance
- Business Continuity Management
Business Continuity Management System (BCMS)
React quickly in times of crisis with a business continuity management system
You want to resume productive operations as quickly as possible after disruption or failure of your business processes, particularly those that rely on critical IT systems? Our business continuity management system (BCMS) as per ISO/IEC 22301 and ISO/IEC 27031 allows you to react quickly and correctly with practical emergency plans, IT emergency concepts and recovery plans.
A BCMS bundles interrelated methods, procedures and rules to safeguard the continuation of critical processes and can be integrated in or based on existing management systems. We define an individual strategy, which we derive from your specific requirements. With these necessary resources in place, it becomes possible for you to restart operations in order to avoid unacceptable downtimes.
You want your employees and business operations to continue to function even in times of crisis? Contact our experts now.
Safeguard your productivity with business continuity management and IT emergency management
Business continuity management is the best way to prepare for potential crises and minimize the impact of disruption. Use effective emergency planning to ensure that everyone at your company follows the plan when an incident occurs. Our pragmatic emergency concepts and recovery plans enable you to return to productive operations as quickly as possible after disruption or failure of your business processes, services, IT services or systems.
You can effectively reduce disaster related costs, meet compliance requirements and create an integrated risk management system that offers you legal certainty and a market advantage. By improving your availability level you also gain a considerable competitive edge, as your customers and business partners can rely on your company to stay functional even in times of crisis.
We develop your business continuity management system in just three steps
In just a few steps, we determine the maturity of your business continuity, develop a shared procedure for its continuous improvement and work with you to develop shared emergency strategies and plans:
- GAP analysis We analyze the existing aspects of your business continuity management system or IT emergency management system and therefore its maturity level.
- Improvement planning Based on this analysis we identify the measures needed to improve the maturity of your business continuity management system. We develop pragmatic approaches and measures that help you establish a suitable business continuity management system that evolves and improves over time.
- Implementation We work with you to implement the improvement plan and coach BCM officers how to implement and establish management tasks. This will give you the tools you need to handle a disaster or major incident, so you can act and react precisely and effectively in the event of an emergency.
The BCMS is designed, implemented and operated based on the standards ISO/IEC 22301 and ISO/IEC 27031.
On-demand webinar | ISO/IEC 22301 Business continuity managerment
Resilience of your business processes especially during critical incidents.
Learn how to deal with risk situations and limit potential losses due to interrupted supply chains.
Active crisis management with business continuity management
Our experts have extensive experience in the field of business continuity management. We help you introduce comprehensive BCM solutions and provide quality assurance while the project is in progress. We also help you coach your BCM officer and create tests and training concepts.
In addition, our "survival mix – risk and business continuity management" offer can bring together various analyses of threats ensuring alignment of your BCMS with identified risks.
Learn more about BCM. Make an appointment with our experts.
FAQ: Questions and Answers about Business Continuity Management
What is a business continuity management system.
A business continuity management system, or BCMS for short, is a management system that bundles interrelated methods, procedures and rules to ensure that critical business processes keep running in the event of damage or emergencies and continuously develops and improves them.
What are the advantages of Business Continuity Management?
With our emergency concepts and restart plans you can return to productive operation quickly after disruption or failure of your business processes, whether they are IT-assisted or not, and thus reduce downtimes. This is an effective way to lower follow-up costs and create a risk management system that provides legal certainty. You also gain a considerable competitive edge through a high level of availability.
What are the requirements for a comprehensive Business Continuity Management System?
A comprehensive BCMS should pursue a process-oriented approach and requires interaction between management processes, business processes and support processes. A business impact analysis (BIA) identifies the essential processes and assesses their availability requirements. Once the company has been analyzed, strategies and plans are developed to counter potential risks and scenario-based tests and exercises are conducted.
What standards underpin a BCMS?
A BCMS is designed, implemented and operated on the basis of standards ISO/IEC 22301 and ISO/IEC 27031.
What are the stages of developing and operating a BCMS?
We analyze your business processes and identify potential threats. On this basis we identify your actual protection needs. As part of a business impact analysis (BIA) we assess your business processes and IT services in regard to their availability requirements in case of an incident. Then we work with you to develop a suitable and detailed emergency strategy. We help you implement and operate the BCM software and create test and training concepts. During the project you also receive quality assurance from our certified experts.
What main BCMS-related questions does a business need to ask?
- How heavily is our productivity affected in the event of an incident?
- How do my customers and business partners react to a production outage?
- What is our maximum tolerated outage time?
- How can we maintain critical processes?
- What are the legal and regulatory requirements that could be breached?
- How can losses and effects be minimized?
Our experts on business continuity management systems can answer all these questions for you. Contact us now to find a solution that is tailored to your business.
Will my business automatically have permanent protection once the BCMS has been implemented?
No, setting up and operating a BCMS is not a one-off process, it requires regular testing and adjustment. This process is referred to as a continuous improvement process (CIP for short). We offer suitable training courses to ensure that the employees involved also receive continuous training.
Can a BCMS only run as an isolated management system?
No, it can be integrated in or based on existing management systems (e.g. QMS, ISMS).
Can a BCMS be certified?
Yes, if a BCMS has been implemented in line with ISO/IEC 22301:2019 it can be certified by an accredited company. Certification as per standard ISO/IEC 27031 is not possible.
Our Sustainability Initiatives
Nothing less than the future is at stake. Companies, institutions, public authorities and each and every one of us can play a positive role in shaping the path to tomorrow. We provide you with comprehensive support to ensure that you operate safely, sustainably and efficiently for many years to come.
Comprehensive approaches for the long-term protection of infrastructure
Sustainability Service Search
Test, evaluate, certify, and more: our sustainability services
Sustainability Strategy 2025
Find out how we work with you to protect the future
Safeguard your business continuance during system outages!
Get in contact with us, this might also interest you, data protection management system as per eu gdpr.
Our experts help you develop a data protection management system.
Governance, Risk and Compliance
Strengthen your corporate governance with software-supported automation of your management systems.
ISMS According to ISO/IEC 27001
Improve systematic control over your company’s information security.
Information Security Strategy Consultation
Information security from strategic decision to technical implementation.
Last Visited Service Pages
- 0 Shopping Cart $ 0.00 -->
Business Continuity Management Courses
The learnings I had also put structure to what I have already been practising for several years. It is a privilege to have this certification, and I look forward to more years of being a member of BCMI.
The program was well-structured in such a way that pre-work readings and post assignments were already outlined to supplement the sessions. Learning was truly at the comfort of my home.
I actually learned a lot of very valuable and essential information and still use the course materials for day to day work. The trainers were incredibly experienced and knowledgeable in the field of business continuity and the chance to meet and network with other individuals in the same position was a huge advantage.
Really enjoyed the course and learned much. Instructor were very approachable and knowledgeable.
Case study was very useful to help in applying the concepts.
Generally a good course with informative knowledge and with good experience sharing among the participants.
These business continuity management (BCM) courses are designed with BCM professionals operating within Asia in mind. Case studies shared are of denial of access to your organisation due to mass protests, floods, terrorist attacks and bomb blasts that are familiar to Asia.
Courses are available in 1, 2 and 3 days and are divided into 3 levels of competencies:
At the end of each course, participants would be assessed through assessments or examinations to ascertain his/her level of competency. They can look forward to receiving either an
- Internationally recognised BCM certification through any of our BCM certification course
- Singapore’s WSQ Statement of Attainment through any of our BCM competency level courses.
So which level would be best for you? Perhaps the table below might help
BCM professionals who would like to gain an understanding of BCM and at the same time be internationally certified can look forward to enrolling in any of 4 of our certification courses.
BCM-200 ISO 22301 Business Continuity Management System Planner
COMPETENCY LEVEL: KNOW
This is a basic course on business continuity management (BCM) best suited for someone who wants to have a cursory understanding of the subject.
Cost: SGD1,650 (nett)
BCM-300 ISO 22301 Business Continuity Management System Implementer
COMPETENCY LEVEL: DO
This is the intermediate business continuity management (BCM) course that incorporates the BCM-200 syllabus before the start of the course. Best suited for BCM coordinators who would like to know the theory and practical approach to BCM, there is no experience pre-requisite for attending the course.
Cost: SGD2,400 (nett. Singaporean can use their Skillsfuture Credit to offset their cost)
This course is HRD Corp claimable for Malaysians
BCM-400 ISO 22301 Business Continuity Management System Manager
COMPETENCY LEVEL: MANAGE
This advanced business continuity management (BCM) course is a follow-up to those who have attended the BCM-300 ISO 22301 Business Continuity Management Implementer course. Here, participants will be taught the various ways to implement, manage and maintain a BCM plan through its different maturity stages. Course Pre-Requisite: Complete the BCM-300 ISO 22301 Business Continuity Management Implementer
Cost: SGD2,400 (nett)
BCM-5000 ISO 22301 Business Continuity Mangement System Expert Implementer
This is the most comprehensive and holistic business continuity management course by BCM Institute. It covers syllabuses taught in BCM-200, BCM-300 and BCM-400 courses. The most popular and most cost effective course, it brings participants through from BCM’s fundamentals through to its practical use as well as assist new and experienced BCM managers to navigate their organisation’s new and maturing BCM Plan.
Cost: SGD3,850 (nett)
Competency Based Courses
Enables course participants to recognise vital business functions and the importance of adopting the best strategies for an organisation.
Good and enriching course. All the BCM contents are taught in bite-sized for easy learning and picked up by learners.
The instructor, Mr Jeremy showed concerned and very helpful in ensuring the participants understand the topics. He engaged well with student that make the class very interesting.
Currently, our most popular courses are the competency level 300 courses. Where in bite sizes, you are able to be trained on the full spectrum of BCM implementation. This is done in line with both Singapore’s Workforce Skills Qualification as well as ISO 22301 requirements.
For companies with at least 5 personnel who could not find a schedule to fit our public classes, we are more than happy to accommodate yours.
Cost (wef 1 Jan 2022): SGD 250 (per module for Singaporeans who are 40 years and older) SGD 400 (per module for Singaporeans who are 39 years and younger and Singapore PR of any age)
Check Out Our Upcoming Courses
- BCM Certification
- BCM Institute Code of Ethics
- Maintain My Credential
- Resilience Awards
- Become a sponsor