The lasting success of companies does not only depend upon the prevention of issues and incidents, but also upon being prepared when the inevitable occurs.
Fire, flood, natural disasters, theft, IT outage, and health problems can instantly bring production to a standstill – without warning and when you least expect it.
A proactive approach allows you to minimize the impact of incidents, and to understand the effects of potential threats. Our qualified auditors will assist you in assessing risks, and propose remedies for any gaps you may have in your crisis plan.
The implementation of a BCM in accordance with ISO 22301 enables you to identify the factors that may negatively affect the continuity of your operations. By systematically identifying those factors and implementing preventative measures, contingency plans and response procedures, you prepare your organization for the worst. The standard specifies requirements for an effective BCM system.
Less text, more flexibility; less prescriptiveness, more pragmatism – that, in a nutshell, is the new version of the ISO 22301 standard for Business Continuity Management Systems (BCMS). Although the revision does not bring drastic changes, the new version of the standard is a definite improvement and will bring even more value to its users.
Since its initial publication in 2012, the ISO 22301 standard has become the international benchmark for business continuity management systems. According to an ISO survey, over 4000 organizations hold an ISO 22301 certificate. The popularity of the standard has spread among very diverse industries – to name but a few, DQS has certified banks, chemical plants, IT service providers, as well as manufacturers of car parts.
Considering this popularity, it is only appropriate for ISO to review its standard and incorporate the learnings of its first years of use. In January 2019, ISO published the ISO/DIS 22301:2019 standard, which is a draft of the new version. Although there can be changes between the draft and the final version, it already gives a clear idea of what to expect.
The audit can be conducted whenever you feel ready. The duration of the audit depends on the size of the site and the complexity of the processes, but is always at least 1 day. After a successful certification audit, you obtain a certificate with a validity of three years. After certification, yearly surveillance audits will be necessary to maintain certified status.