The Evolution of ISO 22301: A Comparison
- Home
- Blog
Categories
Latest Post
ISO 14001 Lead Auditor Course
ISO 14001 Foundations Course
ISO 14001 Internal Auditor Course
ISO 14001 Lead Implementer Course
ISO 22301, the standard that guides organizations in developing robust business continuity plans, has evolved significantly from its 2012 revision to its 2019 update. This new iteration aligns closely with other ISO management systems such as ISO 9001 and ISO 27001, offering a less prescriptive and more flexible approach.
Structural Consistency
The 2012 revision of ISO 22301 was among the first to be developed with ISO/IEC Directives Part 1 Annex SL in mind, which dictates how ISO Management System Standards (MSS) should be structured. Hence, the 2019 revision has retained a familiar structure akin to ISO 9001, ISO 14001, and ISO 27001.
Shift from Strategy-Based to Solution-Based
The most significant shift in the ISO 22301:2019 standard lies in its broader approach—transitioning from strategy-based to solution-based. Organizations are now required to not only develop high-level strategies but also define specific solutions to address risks and impacts relevant to business continuity.
For top management, this change is pivotal. It means that resource identification must be related to tangible solutions rather than abstract strategies (as specified in clause 8.3.4). This precision in defining resources aids in better budget planning and prevents underfunded or overextended scenarios.
Planned Changes in BCMS
A notable addition in ISO 22301:2019 is the requirement for organizations to manage changes in their Business Continuity Management Systems (BCMS) in a planned manner. This involves considering:
The purpose and consequences of the change
The impact on the integrity of the BCMS
Available resources to implement the change
Clarification of responsibilities and authorities
This explicit requirement, though implicitly expected in the previous version, provides a structured approach to ensure the continuity and recovery of services and products.
Enhanced Flexibility and Pragmatism
While change can be daunting, the modifications introduced in ISO 22301:2019 are designed to be manageable. The revisions aim to foster greater flexibility and understanding, emphasizing the importance of solutions alongside strategies. This focus ensures that organizations develop effective responses to specific risks and impacts.
Moreover, the new standard allows for a reduction in documentation required for managing service continuity, both during and after disruptive incidents. Though ISO 22301 is not the only tool available for business continuity management, it offers valuable processes to maintain service continuity and achieve optimal customer satisfaction.
