ISO 22301 is the international standard establishing requirements for a business continuity management system (BCMS).
ISO 22301:2019 specifies requirements for planning, establishing, implementing, operating, monitoring and improving a BCMS. Its goal is to protect against disruptive incidents, reduce their likelihood and ensure recovery of the organization's critical activities.
Requires identifying critical activities, their dependencies and the impact of their interruption over time.
Requires developing documented plans with response, recovery and restoration procedures tested periodically.
Plans must be exercised regularly to validate their effectiveness and update continuity strategies.
Business continuity covers the entire organization and its critical activities. Disaster recovery (DR) is a subset focused on restoring IT systems after an incident.
It is critical for financial services, healthcare, telecommunications, energy and global supply chains. Regulators in these sectors frequently require or reference it.
Yes. Both share the Annex SL structure, facilitating an integrated management system. ISO 27001 covers information security and ISO 22301 operational resilience.
Assessment within 72 business hours. ISO methodology. No ties to certification bodies.
Request diagnosis