Standard

AS ISO 22301:2020

[Current]

Security and resilience — Business continuity management systems — Requirements

Identically adopts ISO 22301:2019, which specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.
Published: 25/09/2020
Price: $129.95 AUD (inclusive of GST)
Table of contents
Header
About this publication
Preface
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.2.1 General
4.2.2 Legal and regulatory requirements
4.3 Determining the scope of the business continuity management system
4.3.1 General
4.3.2 Scope of the business continuity management system
4.4 Business continuity management system
5 Leadership
5.1 Leadership and commitment
5.2 Policy
5.2.1 Establishing the business continuity policy
5.2.2 Communicating the business continuity policy
5.3 Roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
6.1.1 Determining risks and opportunities
6.1.2 Addressing risks and opportunities
6.2 Business continuity objectives and planning to achieve them
6.2.1 Establishing business continuity objectives
6.2.2 Determining business continuity objectives
6.3 Planning changes to the business continuity management system
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
7.5.1 General
7.5.2 Creating and updating
7.5.3 Control of documented information
7.5.3.1
7.5.3.2
8 Operation
8.1 Operational planning and control
8.2 Business impact analysis and risk assessment
8.2.1 General
8.2.2 Business impact analysis
8.2.3 Risk assessment
8.3 Business continuity strategies and solutions
8.3.1 General
8.3.2 Identification of strategies and solutions
8.3.3 Selection of strategies and solutions
8.3.4 Resource requirements
8.3.5 Implementation of solutions
8.4 Business continuity plans and procedures
8.4.1 General
8.4.2 Response structure
8.4.2.1
8.4.2.2
8.4.2.3
8.4.2.4
8.4.3 Warning and communication
8.4.3.1
8.4.3.2
8.4.4 Business continuity plans
8.4.4.1
8.4.4.2
8.4.4.3
8.4.5 Recovery
8.5 Exercise programme
8.6 Evaluation of business continuity documentation and capabilities
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.2.1 General
9.2.2 Audit programme(s)
9.3 Management review
9.3.1 General
9.3.2 Management review input
9.3.3 Management review outputs
9.3.3.1
9.3.3.2
10 Improvement
10.1 Nonconformity and corrective action
10.1.1
10.1.2
10.1.3
10.2 Continual improvement
Bibliography
Cited references in this standard
[Current]
Security and resilience — Vocabulary
Content history
[Superseded]
DR AS ISO 22301:2020