ISO 22301 sets out the requirements for a BCMS and is considered the only credible framework for effective BCM.

Organisations that certify to the Standard can:

• Prove to existing and potential clients that they have an effective BCMS that will enable continued service delivery in the event of an incident.
• Obtain an independent opinion about the EFFECTIVENESS of their business CONTINUITY management programme, thereby providing assurance to stakeholders and the board;
• Accredited certification involves regular reviews and INTERNAL audits of the BCMS to make SURE it functions as it should and continually improves; and
• Meet regulatory requirements. The EU General Data PROTECTION Regulation (GDPR) and the NIS Directive state that organisations must implement incident response capabilities. Certification to ISO 22301 provides a best practice approach to business continuity.

ISO 22301 sets out the requirements for a BCMS and is considered the only credible framework for effective BCM.

Organisations that certify to the Standard can: