What is the ISO 22301?
When the Industrial Revolution grew big in Britain the need for standard designs and for quality certifications became clear. Other countries also made national standards of their own to coordinate local products and construction. But in 1926 the need to coordinate across national borders with suppliers and distributors led to the International Standards Organization (official languages now are English, French, and Russian). Today there are 163 member countries that follow the published definitions to design products and services for the 20,000 subjects that have been harmonized so far.
Most people only know ISO for film cameras (standards for film sensitivity) or the ISO 9001 standard which is used for certification of quality management. But in 2012 several ISO member countries created standards and guidelines for Business Continuity Management, the ISO 22300 family of publications. It can be described as “documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.” (ISO 22301:2012 p. 1) The ISO 22301 standard, like other categories of standards is reviewed every 5 years.” (Wikipedia accessed 6-2017). The benefit to all organizations using these standards is given in the ISO (archive) publication, “Business Continuity – ISO 22301 when things go seriously wrong”[18 June 2012 pdf, page 3]:
…enables the business continuity manager to show top management that a recognized standard has be achieved… used for certification [that clients and competitors can see]… used within an organization to measure itself against good practice, and by auditors wishing to report to management.
This word cloud illustrates the keywords for the ISO 22301: business continuity management. Based on the text put into the word cloud website, the biggest words are the most frequently used. Some of the features of the ISO 22301 are plans, leadership, exercises and tests, and evaluation. The business must see what risks it faces, then make a plan for timely responses and clear communication of decisions when business is interrupted for any reason. Concepts include MTPD (Maximum Tolerable Period of Disruption of business), MBCO (Minimum Business Continuity Objective), and RTO (Recovery Time Objective). The ISO 22301 uses the cycle of PDCA, plan >do >check >act, in order to test the plans and make necessary changes. Currently a more detailed guide to this management process is being made at ISO with the number 22313. There are also some other ISO publications that touch on Business Continuity, such as 31010 (techniques for risk assessment) and 31000 (Risk Management overall).
Since the future climate conditions will lead to more frequent and more severe weather disruptions, and rapid social changes also disrupt the lives of workers and markets for doing business, it makes sense to implement and operate business continuity management. That way a company has a much better chance to survive and grow after a disruption to its workplace, its suppliers, its distributors and its markets. By speaking a common planning-language, businesses can quickly learn good practices from each other and then help each other, too.