Till innehåll på sidan

ISO has published a new edition of ISO 22313 on Business continuity management systems

Natural disasters, fires, supply chain issues or cyber-attacks are just some of the many threats to the running of any business. Organizations that have the capability to respond quickly and effectively when they happen, are the ones that survive.

The potential for business disruption is a key area of concern for most executives, but, managed well, the benefits and opportunities are many. Having effective business continuity in place is key.

ISO 22313, Security and Resilience — Business continuity management systems — Guidance on the use of ISO 22301 is part of the world’s first series of International Standards for implementing and maintaining business continuity in line with best international practices.

ISO 22313 has recently been updated to remain relevant and up to date and continue to meet market needs. An organization that follows the guidance in ISO 22313:2020 will have a more effective response and a recover more quickly, thereby reducing the impacts on people, products and the organization’s bottom line.

Malcolm Cornish, project leader for the development of the standard provides an insight into the new edition:Malcolm Cornish

“The ‘tracked changes’ version of ISO 22301:2019 compares it with the 2012 version and surprisingly reveals very many differences, even though, as stated in the introduction, there are no new requirements. This is because requirements have been restated to make them clearer and the standard has been extensively restructured. ISO 22313:2020 provides further clarity and guidance, and shares knowledge and expertise provided by experts during committee meetings”

The result of the systematic review of ISO 22301:2012 in October 2017 identified a simple majority in favour of confirming ISO 22301:2012, so it was clear that many member bodies were happy for it to remain unchanged.  It was therefore surprising how much passionate and, at times, heated debate there was during the committee meetings that followed to agree changes that were needed. Those present had the benefit of hearing the expert knowledge and opinions on both sides of the argument and can therefore understand why requirements have been written as they have been in ISO 22301:2019. The guidance standard, ISO 22313:2020, shares that knowledge in order to promote better awareness and understanding of the requirements.

Feedback during the revision of ISO 22313 identified the need to clarify the meaning of terms that are widely misunderstood. ISO 22313:2020 makes clear the differences between ‘business continuity’, business continuity management (BCM)’ and ‘business continuity management system (BCMS)’and explains ‘prioritised activities’, ‘business impact analysis and risk assessment’, and ‘business continuity strategies and solutions.’"

ISO 22313:2020, Security and Resilience — Business continuity management systems — Guidance on the use of ISO 22301 , is available from ISO national member institutes. It may also be obtained directly from the ISO Central Secretariat, respectively through the ISO Store or by contacting the Marketing, Communication & Information department.