CONTINUITY, RESILIENCE AND RECOVERY
ISO 22301 Business Continuity Management System
As an international standard for Business Continuity Management Systems, ISO 22301 is designed to protect against, reduce the likelihood of, prepare for, respond to, and recover from disruptive incidents when they arise. With a Business Continuity Management System, your organization is prepared to detect and prevent threats.
ISO 28000 Supply Chain Security Management System
ISO 28000 is an international standard which addresses the requirements of a Security Management System (SMS) for the supply chain. It specifies the aspects that help an organization assess security threats and manage them as they arise in its supply chain. Security Management is related to other aspects of business management. With ISO 28000, organizations can determine if appropriate security measures are in place and can protect their properties from various threats.
Disaster Recovery includes policies and procedures aimed at protecting an organization from human-caused or naturally triggered disruptions to the IT infrastructure. It plays a significant role in the prevention of data losses, financial consequences, and loss of trustworthiness and organizational reputation. A Disaster Recovery Plan includes the measures that an organization should take to swiftly recover its IT systems.
ISO 22320 Emergency Management
ISO 22320 is an international standard which defines the requirements for incident response and allows public and private organizations to establish and enhance their ability to respond to any type of emergency, regardless of its magnitude. ISO 22320 helps to mitigate threats and damages and ensures continuity of basic facilities such as water and food supplies, health, rescue services, fuel delivery, and electricity. Emergency Management ensures that all related parties are on the same page during a disaster in order to minimize the chances of misunderstandings and ensure a more effective use of the combined resources. It encourages developing and implementing incident response measures to ensure a response which is suitable to the needs of the affected population.
ISO 22316 Organizational Resilience
ISO 22316 explains the nature and the scope of resilience, which helps you and your organization to enhance resilience in a world that is changing every day. Organizational Resilience is the organization's ability to anticipate, respond and adapt to unexpected disruptions. As an international standard, it provides guidance to improve organizational resilience regardless of the size and type of public or private organization, and does not specify the industry or sector. ISO 22316 is developed to provide a better understanding of organizational resilience, its principles and the mechanisms that support it.
ISO 22317 Business Impact Analysis
This international standard is a technical specification which provides detailed guidance on how to establish, implement, and maintain a Business Impact Analysis (BIA) process. It does not suggest a uniform process for performing a Business Impact Analysis but assists the organization in designing a BIA process that meets its requirements. Organizations cannot certify their BIA to ISO 22317; however, they can use it as guidance to effectively implement a BIA process. ISO 22317 is the first and the only standard which solely addresses Business Impact Analysis. It is designed to complement ISO 22301; nonetheless, it can be used as a stand-alone standard. The aim of Business Impact Analysis processes is to analyze the actual impact of a disruptive event on the organization.