ISO 22301, the international business continuity standard

Are you best prepared to respond to and recover from a disruptive incident?

Managing risks such as cyber attacks and natural disasters means organisations need effective BCM (business continuity management) plans to help them quickly recover from any event. 

The international standard ISO 22301:2019 provides a best-practice framework for implementing an optimised BCMS (business continuity management system), enabling you to minimise business disruption and continue operating in the event of an incident.

An ISO 22301-aligned BCMS will include disaster recovery and business continuity plans to help your organisation recover critical operations as quickly as possible.

Purchase your copy of the Standard

What is BCMS?

A BCMS (business continuity management system) is a comprehensive approach to organisational resilience. It enables organisations to update, control and deploy effective plans, taking into account organisational contingencies and capabilities, as well as the business needs (product- and service- requirements).

A BCMS helps the business to cope with incidents affecting all of the organisation’s business-critical processes and activities, from the failure of a single server to the complete loss of a major facility.

Free pdf download: Business continuity and ISO 22301

Free green paper: Business Continuity and ISO 22301 – Preparing for disruption

Download this free green paper now to learn about the fundamental components of best-practice BCM, including risk assessment, BIA (business impact analysis) and business continuity plans, and discover our step-by-step approach to implementing an effective BCMS aligned to ISO 22301:2019.

Download now

What is the difference between a business continuity plan and a BCMS?

A BCMS is a comprehensive approach to organisational resilience. It allows organisations to update, control and deploy effective plans, taking into account organisational contingencies, capabilities and business needs (product and service requirements).


  • Based on analysis
  • Regularly tested
  • Requires regular review and management
  • Awareness organisation-wide, embedded in the culture and deployed throughout the business

Business Continuity Plan

  • Based on guesswork
  • Untested
  • Can become outdated
  • Lack of organisational awareness, deployed in a limited division of the organisation and not part of the culture

What are the benefits of business continuity management and ISO 22301?

  • Optimally recover from a potentially damaging and disruptive incident.
  • Protect your organisation’s turnover, profits and reputation due to improved resilience and preparedness.
  • Achieve regulatory and governance requirements where business continuity management is a necessity.
  • Reduce the cost of business interruption insurance cover based on actual analysis of your organisational risk exposure.
  • Receive independently audited assurance that your business has established the necessary measures to respond to a potential disaster.
  • Meet the demands of clients across the supply chain.

Read more about the advantages of ISO 22301 and business continuity management.

The BCM life cycle

Implementing a BCMS aligned to ISO 22301 will include the following elements and supporting processes:

  • Scope the project and develop the business case
  • Get board commitment and secure the necessary budget
  • Develop internal competence
  • Undertake the development of documentation and documentation control
  • Establish roles and responsibilities
  • Undertake internal and external communications
  • Establish staff awareness programmes
  • Conduct a risk assessment
  • Undertake a BIA
  • Develop business continuity plans and strategy
  • Conduct BCM testing
  • Ongoing review and maintenance
  • Get certified