Cyber-attacks present a critical threat to the functioning, stability and security of the community. However, it is far from only cyber criminals that threaten companies and their data. Relatively simple operational complications – caused by, for instance, technical faults or mistakes made by an employee – may quickly result in discontinuation of delivery and production stoppage with extensive consequences for the organization and for society. It is therefore essential that organizations, in the private and public sectors, familiarize themselves with the threat scenario to which they are exposed with a view to ensuring the robustness of their business procedures and deliverables.
ISO 22301 sets out the requirements for a business continuity management system (BCMS) which equips the organization to protect and continue operations in disaster and crisis situations.
ISO 22301 is a tool to identify, control and mitigate the risk of sudden production or delivery failure and to undertake the organization's main functions during and after a crisis situation.
A structured effort to achieve business continuity according to ISO 22301 demonstrates that the organization and its management are working strategically to ensure the organization's continuing deliveries, including the ability to undertake business critical functions during and after a disaster. It provides security both internally and externally.