New Technical Specification providing guidelines for business continuity strategies
The International Organization for Standardization has published a new Technical Specification that provides guidance on businuss continuity strategies for any size or type of organization. ISO/TS 22331:2018 "Security and resilience - Business continuity management systems - Guidelines for business continuity strategy" provides additional guidance to ISO 22301 and is a valuable contribution to the BCM standard series form ISO/TC 292.
Brian Zawada (USA), the project leader responsible for the development of ISO 22331, explains:
"Business continuity strategy determination and selection is a foundational process designed to identify strategies that align to management-endorsed business continuity requirements in support of a business continuity response. ISO 22301 requires organizations to determine and select business continuity strategies as part of their business continuity management systems; however, due to ISO 22301's intent to describe the need for business continuity strategy and be applicable to organizations of all types, it provides minimal guidance on how to perform business continuity strategy determination and selection process.
Also, while ISO 22313 provides guidance on the requirements in ISO 22301, it does not provide methodology details or options regarding the performance of recurring business continuity strategy processes. Since determining, selecting and improving business continuity strategy can prove to be a difficult task, this TS will provide pragmatic, detailed guidance on the various methods on how to execute the business continuity strategy determination and selection effort successfully."
Content includes details on how to determine business continuity strategy options that mitigate risk or enable an appropriate response and recovery, perform analysis on strategy options, select the appropriate strategy based on analysis, and receive management endorsement for selected strategies before implementing those strategies.
ISO/TS 22331:2018, Security and resilience - Business continuity management systems - Guidelines for business continuity strategy, is available from ISO national member institutes. It may also be obtained directly from the ISO Central Secretariat, respectively through the ISO Store or by contacting the Marketing, Communication & Information department.