Business Continuity Management Systems (BCMS)

(ISO 22301:2019)

ISO 22301:2019, Security and resilience – Business Continuity Management Systems – Requirements.

Organizations of all sizes must take steps to ensure that every day, they can operate to the requirements of the business and to meet customer obligations. There is a general misconception in thinking that a BCMS is Disaster Recovery (DR). They are not the same. The word continuity can be defined as “the unbroken and consistent existence or operation of something over a period of time.” Therefore, the emphasis on a BCMS is to identify the critical aspects of the organization and its people. Through a business impact assessment (BIA), the organization can identify:
What is needed to operate each department
How long can a department not operate (both physical and logical) before a crisis or breach of contract occurs.
What is needed to resume the department’s functions if not operable for an extended period of time.

The output of the responses creates the foundation for the organization’s business continuity plan(s) (BCP). The BCP includes processes to effectively respond to, and recover from, disruptions. Companies with multiple sites or divisions can rely on the same consistent approach throughout the entire organization. DR then becomes a part of the recovery process. The goal is not to need DR in the first place!

Benefits
Reassurance to staff, clients, suppliers and other stakeholders that the organization has sound systems and processes in place for business continuity.
Maintain business-specific plans to ensure continuity of agreed upon legal, regulatory, contractual and business requirements.
Align recovery activities to include operations as well as IT.

Why implement BCMS
Improve business continuity requirements in other standards such as ISO 27001, ISO 20000-1, ISO 9001 and ISO 14001.
Continual review of plans, testing of plans and situations, and ongoing training.
Prepare an emergency response team to effectively react to emerging threats
Imbed review of plans during technical and organizational changes.

The Radian BCMS Difference
The Business Continuity team at Radian Compliance has diverse experience and expertise from both previous positions and at Radian. We support our clients through our full suite of services in implementing a management system structure to support a Business Continuity Program leveraging ISO 22301, industry’s best practices, and other BC frameworks. Our clients can create and maintain a BCP that is relevant and effective. We are active in multiple professional organizations, including ASIS International, (ISC)2, ISACA, WiCys, IAPP, PMI, ASQ, and AITP–Chicago.

Connect with us now to learn how Radian Compliance can support your BCMS requirements.