How to interpret ISO23301 in order to build successful business continuity plans. - Plan4continuity Blog


You have just received your latest acquisition, a state of the art fitness machine. You try to assemble it. Two hours later with parts strewn all over the floor and something that looks like something out of an apocalypse movie you decide to call customer support and guess what, they stopped working 5 minutes ago. The manual is written in a language you cannot understand. You throw a tantrum, frustrated and ready to fling everything out the window.


A situation even the most tech savvy of us have all experienced. In the sphere of Business Continuity the ISO 22301 standard for business continuity is extremely well thought out but for the average person its quite daunting to understand because of its complexity. Have a look at this mindmap of the contents the standard here. Mindblowing!

Lets demystify ISO 22301 and show how it can be used to build successful Business Continuity Plans. I will break it down into manageable pieces. Steps 4 to ten are the crux of it and what we will focus on.


1 The Scope of ISO 22301


2 Normative references


3 Terms and definitions.


Context of the organization : This simply put is understanding the organization: knowing what customers, interested parties and regulatory bodies require and importantly who your workers are and what they do . This will help determine the scope or extent of the Business Continuity Management System (BCMS) and what it will or will not cover.


5 Leadership: Without direction the business continuity planning project will founder. Top management including the directors need to support and enforce the project and set up policies, delegate people and resources.Without rock solid support from top management the project is doomed. Good leaders lead by example too and their visible involvement gets noticed by staff.

6 Planning: This involves the risks and consequences of the Business Continuity Management System (BCMS) , setting clear objectives and benchmarks to measure the success of this. The involvement of ALL staff is needed as they will provide the know how and massive effort needed for this.

7 Support: Making sure that the business continuity planning project has the right people on board. Involve passionate, skilled and competent people. Make known their roles in responding to incidents and interruptions. Put in place communication and support systems . Support your own employees as well.

8 Operations: This is the body of the business continuity plan where assessment and analysis take place, strategies developed to prevent and reduce incidents and since its impossible to prevent everything from occurring , plans and procedures on how to mitigate and recover from disruptive events.


9 Evaluation: The entire system needs to be constantly monitored measured and tested to expose flaws and also prepare roleplayers for when the need arises. This involves internal and external audits. Business continuity plans need to be rehearsed and people including vendors need to be trained or be part of meetings.

10 Improvement: This is where kaizen or continuous improvement comes into play. As things change from day to day business continuity plans need to be modified and improved. Simulations facilitate exposing flaws in a plan. Involving ALL staff leads to better work morale and a healthy exchange of ideas. Staff often have suggestions on how to cut costs and improve processes. Take them seriously and reward them for their effort!

The lifecycle of ISO 22301 is Plan, Do, Check and Act and is a continuous never ending one. It requires hard work and dedication, constant analysis and many many meetings. Collaboration is key to its success. Pride must be put aside and working towards a common goal of establishing and maintaining the plan should be the focus.

The fruits of ISO 22301 being properly used in a business continuity management system (BCMS) are manyfold: Business survival, improved work ethic and spirit,cost cutting,improving processes and safety amongst many. Keep reading this blog as further articles will expand on ISO 22301 and business continuity planning . Get your business continuity plan on the go now! Start by downloading our free guide to Business Continuity Planning.