ISO 22301:2012
Societal security — Business continuity management systems — Requirements
ISO 22301:2012 specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.
The requirements specified in ISO 22301:2012 are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.
| Get this standard | Prices exclude GST | |
|---|---|---|
| PDF ( Single user document) |
$126.00 NZD
|
|
| HardCopy |
$173.00 NZD
|
|
| Networkable PDF |
Price varies
|
CVP_Secretariat_Loca
Foreword
0 Introduction
0.1 General
0.2 The Plan-Do-Check-Act (PDCA) model
0.3 Components of PDCA in this International Standard
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding of the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the business continuity management system
4.4 Business continuity management system
5 Leadership
5.1 Leadership and commitment
5.2 Management commitment
5.3 Policy
5.4 Organizational roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
6.2 Business continuity objectives and plans to achieve them
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
8 Operation
8.1 Operational planning and control
8.2 Business impact analysis and risk assessment
8.3 Business continuity strategy
8.4 Establish and implement business continuity procedures
8.5 Exercising and testing
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review
10 Improvement
10.1 Nonconformity and corrective action
10.2 Continual improvement
Bibliography
Keep me up-to-date
Sign up to receive updates when there are changes to this standard
Related Information
Similar Standards
-
AS/NZS 50004:2023
Energy management systems — Guidance for the implementation, maintenance and improvement of an AS/NZS ISO 50001 energy management system (ISO 50004:2020, (E.D. 1.0), MOD)
-
AS/NZS 5050(Int):2020
Managing disruption-related risk -
AS/NZS IEC 31010:2020
Risk management - Risk assessment techniques -
AS/NZS IEC 31010:2020 A1
Risk management - Risk assessment techniques
CVP_Secretariat_Loca
Foreword
0 Introduction
0.1 General
0.2 The Plan-Do-Check-Act (PDCA) model
0.3 Components of PDCA in this International Standard
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding of the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the business continuity management system
4.4 Business continuity management system
5 Leadership
5.1 Leadership and commitment
5.2 Management commitment
5.3 Policy
5.4 Organizational roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
6.2 Business continuity objectives and plans to achieve them
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
8 Operation
8.1 Operational planning and control
8.2 Business impact analysis and risk assessment
8.3 Business continuity strategy
8.4 Establish and implement business continuity procedures
8.5 Exercising and testing
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review
10 Improvement
10.1 Nonconformity and corrective action
10.2 Continual improvement
Bibliography