ISO 22301

ISO 22301

Security and resilience — Business continuity management systems — Requirements

About ISO/IEC 22301

ISO/IEC 22301 provides guidelines for establishing a business continuity management system (BCMS). It aids organizations in preparing for, responding to, and recovering from disruptive incidents, ensuring that critical operations continue smoothly. The standard emphasizes risk management, resilience, and the need for continuous improvement to effectively mitigate potential threats and maintain business functions.

Covering the entire lifecycle of a BCMS, from planning to review, ISO/IEC 22301 helps organizations build a structured approach to manage risks and enhance their ability to withstand unexpected events. It encourages regular testing and updates to ensure the system remains effective and relevant. Ultimately, the standard aims to fortify an organization's infrastructure, ensuring operational continuity in the face of disruptions.

Type of Audit

  • Certification Audit

Advantages of ISO/IEC 22301

  1. Stakeholder Confidence: Builds trust with clients, partners, and investors by showing your commitment to maintaining continuous operations.
  2. Enhanced Resilience: Demonstrates your organization’s ability to withstand and quickly recover from disruptions.
  3. Competitive Advantage: Differentiates your organization in the market, making you a preferred choice for contracts and partnerships.
  4. Regulatory Compliance: Helps meet legal and regulatory requirements related to business continuity and risk management.
  5. Continuous Improvement: Encourages regular reviews and updates to your business continuity plans, ensuring they remain effective and up-to-date.

Certification Audit Process

  1. Request for A Proposal
    1. Company interested in certifying against ISO/IEC 22301 requests for a proposal from TUV NORD Thailand
  2. Certification Audit
    1. Stage 1: Documentation Review
    2. Stage 2: On-site Verification
  3. Issue of ISO/IEC 22301 Certificate
  4. Surveillance Audit 1 & 2 (within the next 2 years after the certificate is issued)
  5. Re-certification within the next 3 years after the certificate issued.