Although this standard on business continuity management is built on the ISO 9001 Quality management system, when disruptive violation events occur, it is necessary to protect against the incident in question, to reduce the likelihood of the occurrence of the violation, to be prepared for the violation and to recover necessary in the event of the violation. It covers requirements to plan, establish, perform, operate, monitor, review, maintain and continually improve a written management system to
The requirements set out in this standard are general in nature and are designed to apply to all organizations or divisions of organizations, regardless of their type, size and structure. The scope of application of the mentioned requirements varies depending on the operating environment and complexity of the organization.
Requiring a uniform structure in the Business Continuity Management System (BCMS) is not considered in this standard, except for organizations that want to design a BCMS that is suitable for their own needs and meets the needs of the relevant parties. Said needs; It is shaped by legal and regulatory requirements, organization and industry requirements, products and services, processes used, size and structure of the organization, and the needs of interested parties.
This standard is applicable to organizations of any type and size that wish to:
- To establish, implement, maintain and improve the BCMS,
- To ensure compliance with the specified business continuity policy,
- Demonstrate compatibility with other management systems,
- Requesting certification / registration of their own BCMS by an accredited third party certification body,
- Making the decision to comply with this standard and making a declaration of conformity.
- This International Standard can be used to determine an organization’s ability to meet its business continuity needs and meet its obligations.
Our company is honored to assist in the execution of the guidance and guidance studies required for the ISO 22301 Business Continuity Management System quality management system. After the proposal sent by our company is approved, gap analysis and field work related to your company’s processes are carried out.
Legislative and regulatory screening is performed to review legal compliance. Customer requests are evaluated. The scope of the organization is determined. In line with this scope, process risk analysis is carried out. The current status of your organization is analyzed. It is presented to the company management as a report.
A structure suitable for your organization is planned and established. The conformity of the established structure is checked at certain intervals. The process is reviewed in the risk analysis. The situation is reported to the top management. Necessary corrections are made. After making sure that the system of the organization is installed, the audit process is expected from the Certification firm chosen by your organization.
