From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search

ISO 22301 is international BCM Standard in the field of Business Continuity Management (BCM). The convergence from the existing international and national BCM standards to an ISO standard is seen as a normal transition based on past management standards. It is updated in September 2019.

The good news is that all BCM standards including ISO 22301 will be have similar BCM implementation requirement e.g. “BC Programme Element” and “BCM Planning Methodology” and these processes will not differ too extensively when it is implemented with another BCM standard.

The key is to adopted a rigorous understanding of the similarities and differences to ISO 22301:2012 standard with reference to the organization’s existing standards such as the BS 25999-2:2007 or SS540:2008 and to continue with the BCMS implementation.

ISO22301 Lifecycle.png
Comparison between BCM Planning Methodology and ISO 22301


Summary of ISO 22301 Requirement

Plan component of the PDCA Cycle
  • 4. Context of the Organization
    • Understanding of the organization and its context
    • Understanding the needs and expectations of interested parties
    • Determining the scope of the BCMS
    • BCMS
  • 5. Leadership
    • Leadership and commitment
    • Management commitment
    • Policy
    • Organizational roles, responsibilities and authorities
  • 6. Planning
    • Actions to address risks and opportunities
    • BC objectives and plans to achieve them

7. Support

8. Operation

DO component of the PDCA Cycle

9. Performance Evaluation

CHECKcomponent of the PDCA Cycle

10. Improvement

ACT component of the PDCA Cycle


The BCM world in recognition of the rapidly growing global interest in BCMS, ISO has developed through the Technical Committee known as ISO/TC 223 Societal security, the ISO 22301; Societal Security – BCMS – Requirements.

It is a specification standard to which certification bodies may offer third party certification to their clients. It forms part of the wider Societal security – BCMS series of documents which also consists of ISO 22300 – Vocabulary and ISO 22313 – Guidance.

In September 2019. ISO22301 is updated.

BCM Framework or Elements of BC Programme

ISO 22301 (reflected from the ISO 22313 Guidance) adopts a 6-element BCM approach to represents the continuous operations of the BC programme within the organization. These six elements of the BC Programme are:

  • Understand the Organization
  • Selecting Business Continuity Options
  • Developing and Implementing a Business Continuity Response
  • Exercising and Testing
  • Business Continuity Programme Management
  • Embedding Competence and Awareness