ISO 22301 Business Continuity Management describes the requirements for a Business Continuity Management System (BCMS). This system is part of the overall risk management within your organization and overlaps with information security management and IT management. A management system in accordance with ISO 22301 ensures that you are able to continuously improve your organization in the field of BCM. This means that your organization is able to estimate the likelihood of incidents and, where possible, to prevent your organization from being resilient to disruptions that can limit any damage.

ISO 22301 is often combined with ISO 9001 and/or ISO/IEC 27001 Thanks to the structure of the standards, both management systems can be fully integrated.


Determining the impact of disruptions, assessing risks, and developing and maintaining a workable system to minimize disruptions are the main focus of ISO 22301.

The operational planning and assessment of BCM includes the following activities:

Conducting a Business Impact Analysis (BIA);

  • Classifying your products, services, and business activities in order of importance to your business;

Conducting a risk analysis and risk assessment;

  • Mapping the risk of disruptions to your business and taking (preventive) measures;

Determining business continuity strategies;

  • Selecting an approach that is aimed towards preventing or resolving failures.

Creating specific crisis management and business continuity plans. These include (at least):

  • Incident Management;
  • Alarm and Communication;
  • Business Continuity Plans (BCP);
  • Recovery Plans;
  • Testing and practising of theses plan;
  • Documented reports with the results, recommendations, and actions.

For whom is the ISO 22301 intended?

The ISO 22301 can be applied to any type of organization (large and small) that wants to demonstrate that business continuity is counted as an important objective.


  • QMS International offers the possibility of certification within 45 days;
  • It applies a pragmatic and standards-based approach;
  • An independent and ethical attitude;
  • Qualified auditors for several ISO-standards with excellent knowledge of the industry and standard(s);
  • Non-bureaucratic approach towards our customers;
  • No unexpected costs and delays;
  • Extensive worldwide experience with management systems.