ISO 22313 - Guidance on the use of ISO 22301

  1. Overview

ISO 22313:2020, Security and resilience – Business continuity management systems – Guidance on the use of ISO 22301, is an international standard developed by technical committee ISO/TC 292 Security and resilience. This document provides guidance for applying the requirements for a business continuity management system (BCMS) in accordance with the requirements set out in ISO 22301:2019. ISO 22313 has adopted the new format for writing management system standards described in Annex SL, and its structure mirrors that of ISO 22301.

  1. Approach

Seven Step Consulting Business Continuity Services helps organizations with a comprehensive approach to managing business continuity, using ISO 22313:2020 – Security and Resilience – Business Continuity Management Systems – Guidance On The Use Of ISO 22301. We clarify that this is not a certification standard: organizations can only claim compliance with the best practices, based on either a self-assessment or a third-party independent audit.

  1. Benefits

Your business benefits from having an

  1. A detailed description of strategy options for resources
  2. Assistance with defining your BCMS
    • goals for your BCMS
    • scope based on cost of mitigation
  3. Types of resources an organization should establish including the BCMS structure with defined roles and responsibilities
  4. Elements of assessing the impact in BIA
  5. Elements to be included in risk assessment
  6. Suggested strategies for
    • Resources/activities
    • Backup types
    • Worksites
    • ICT systems
    • Facilities and supplies
    • Transportation
  7. Strategic options for prioritized activities
  8. What to include in content of
    • Business continuity procedures/plans
    • Incident communication procedures
    • Salvage and security procedures
    • Procedures for resuming activities
    • Elements of safety and welfare procedures
    • ICT continuity procedures, etc.
  9. List of resources that may be required for the welfare of employees
  10. Competence development program, types of training, types of teams, what to include in awareness programs, etc.
  11. Options to mitigate the impact and duration of an incident
  12. Content of post-incident review
  13. Suggested objectives for the business continuity exercises
  14. Content of exercise program
  15. Checklist of what evaluation of business continuity procedures should verify
  16. Evaluation techniques for business continuity capabilities of your key suppliers
  17. Resource strategies for people, and what to take into account in procedures for relocation of staff
  18. Explanation of when RTO and RPO are used and for what
  19. Suggestions on the finance needed during an incident, etc.
  20. Metrics that may be used for measuring the effectiveness of BCMS

  1. Deliverables

Our experts will work closely with your team to align your organization with the suggested best practice guidance and comply with it.

Our experienced BCM consultants and/or implementers will recommend getting both of these standards and developing your management system accordingly, even if certification is not your end goal.