The standard, ISO 22301, provides a framework for organizations to plan, establish, implement, operate, monitor, review, maintain, and improve a business continuity management system (BCMS), ISO explained in a statement. The standard is expected to help organizations protect against, prepare for, respond to, and recover from disruptive incidents, such as cyberattacks, natural disasters, or terrorism.
“Organizations implementing ISO 22301 will be able to demonstrate to legislators, regulators, customers, prospective customers, and other interested parties that they are adhering to good practice in BCM. It may also be used within an organization to measure itself against good practice, and by auditors wishing to report to management”, said Stefan Tangen, secretary of the ISO technical committee that developed the new standard.
ISO 22301 provides guidance to an organization in the design of a BCMS that is appropriate to its needs, which are shaped by legal, regulatory, organizational, and industry factors, the organization's products and services, its size and structure, its processes, and its stakeholders.
A number of countries have started to adopt ISO 22301, including Singapore and the UK, to replace their existing national standards, explained ISO. There is also interest from business worldwide that wish apply good practice and obtain certification against this standard.