Standard

Track updates

AS ISO 22301:2020

[Current]

Security and resilience — Business continuity management systems — Requirements

Identically adopts ISO 22301:2019, which specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.

Published: 25/09/2020

Pages: 21

Table of contents

Cited references

Content history

Table of contents

Header

About this publication

Preface

Foreword

Introduction

1 Scope

2 Normative references

3 Terms and definitions

4 Context of the organization

4.1 Understanding the organization and its context

4.2 Understanding the needs and expectations of interested parties

4.2.1 General

4.2.2 Legal and regulatory requirements

4.3 Determining the scope of the business continuity management system

4.3.1 General

4.3.2 Scope of the business continuity management system

4.4 Business continuity management system

5 Leadership

5.1 Leadership and commitment

5.2 Policy

5.2.1 Establishing the business continuity policy

5.2.2 Communicating the business continuity policy

5.3 Roles, responsibilities and authorities

6 Planning

6.1 Actions to address risks and opportunities

6.1.1 Determining risks and opportunities

6.1.2 Addressing risks and opportunities

6.2 Business continuity objectives and planning to achieve them

6.2.1 Establishing business continuity objectives

6.2.2 Determining business continuity objectives

6.3 Planning changes to the business continuity management system

7 Support

7.1 Resources

7.2 Competence

7.3 Awareness

7.4 Communication

7.5 Documented information

7.5.1 General

7.5.2 Creating and updating

7.5.3 Control of documented information

7.5.3.1

7.5.3.2

8 Operation

8.1 Operational planning and control

8.2 Business impact analysis and risk assessment

8.2.1 General

8.2.2 Business impact analysis

8.2.3 Risk assessment

8.3 Business continuity strategies and solutions

8.3.1 General

8.3.2 Identification of strategies and solutions

8.3.3 Selection of strategies and solutions

8.3.4 Resource requirements

8.3.5 Implementation of solutions

8.4 Business continuity plans and procedures

8.4.1 General

8.4.2 Response structure

8.4.2.1

8.4.2.2

8.4.2.3

8.4.2.4

8.4.3 Warning and communication

8.4.3.1

8.4.3.2

8.4.4 Business continuity plans

8.4.4.1

8.4.4.2

8.4.4.3

8.4.5 Recovery

8.5 Exercise programme

8.6 Evaluation of business continuity documentation and capabilities

9 Performance evaluation

9.1 Monitoring, measurement, analysis and evaluation

9.2 Internal audit

9.2.1 General

9.2.2 Audit programme(s)

9.3 Management review

9.3.1 General

9.3.2 Management review input

9.3.3 Management review outputs

9.3.3.1

9.3.3.2

10 Improvement

10.1 Nonconformity and corrective action

10.1.1

10.1.2

10.1.3

10.2 Continual improvement

Bibliography

Cited references in this standard

ISO 22300:2021

[Current]

Security and resilience — Vocabulary

Content history

ISO 22301:2019

[Current]

AS ISO 22301:2017

[Superseded]

DR AS ISO 22301:2020

$135.16

AUD

Inclusive of GST

Available formats

Web Reader

Instantly view standards in your browser. Search, bookmark, highlight, and comment for anytime access - online and offline.

Web Reader (PDF)

View standards in PDF format in your browser. Search, bookmark, highlight, and comment for anytime access - online and offline.

Web Reader

Licence:

1 user

Total

$135.16

Add to cart