Business continuity – There’s an ISO for that?


A global pandemic, war, economic strife, strikes, floods, droughts, cyber-attacks; the world has been a challenging place these last few years, and the impact of these events will be with us for some time.


There has always been a need for organisations to consider and ensure business continuity, studies have shown that almost 1 in 5 organisations experience significant business disruptions every year, but now more than ever it is important to get it right.


Luckily there is an ISO standard for that!


ISO 22301: 2019 - Security and resilience — Business continuity management systems.

ISO 22301 is the recognised international standard for Business Continuity Management Systems designed to help prepare for threats such as cyberattacks, data breaches and natural disasters, or any other significant risk that could damage your business and its reputation.


The main ways it can help you address such issues include:

  • Identifying and prioritising threats.

  • Responding to and recovering from incidents with the least disruption to business.

  • Understanding where your vulnerabilities are and having plans in place to mitigate risk as well as respond.

As with the other ISO standards, ISO 22301 is applicable to all organisations, regardless of size, and industry.

It aligns with many other internationally recognized management system standards, such as ISO 9001 (quality management) and ISO 14001 (environmental management) and can therefore be easily integrated into your organization’s existing management processes.


How might it benefit you?


ISO 22301 will help you respond to, and recover from, disruptions to your business in a controlled and effective way. It can reduce costs and lessen the impact upon your business performance should something actually go wrong.


Further benefits include:

  • The ability to reassure clients, suppliers, and other interested parties that you have sound systems and processes in place for business continuity.

  • A better understanding of the business through analysis of critical issues and areas of vulnerability.

  • It can also be useful for strategic planning, risk management, supply chain management, and resource management.

Disaster recovery

Disaster Recovery Plans are a major aspect of ISO 22301 and are focused on returning an organisation back to normal operating conditions after a disruptive incident and achieving total recovery.


A Disaster Recovery Plan can be relatively technical but does not have to be overly complex. It focuses on the recovery of specific operations, functions, sites, services, or applications.


Don’t have a Disaster Recovery Plan? ISO 22301: 2019 can help, and so can Quality Improvements UK Ltd!


Whether you are looking to implement ISO22301: 2019 or are simply looking for similar tools to prepare and safeguard your business for the future, contact us at info@quality-improvements.co.uk and find out how we can help today.

Featured Posts
Recent Posts