ISO 22313 is suitable for all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors and can be used to:
- establish, implement, maintain and improve a BCMS
- ensure conformance with the organization's business continuity policy or
- make a self-determination and self-declaration of compliance with this International Standard.
It is not suitable for an organization to assess its BCMS. If an organizations wishes to assess its BCMS and demonstrate to others its conformance or seek certification of its BCMS by an accredited third party certification body, it should use ISO 22301.
Malcolm Cornish (UK), the project leader responsible for writing ISO 22313, explains:
"This Standard will enable an organization to design a BCMS that is appropriate to its needs and meets the requirements of its interested parties. Such needs and requirements are shaped by legal, regulatory, organizational and industry requirements, the organization's products and services, the processes it employs, the environment in which it operates, the size and structure of the organization and the requirements of its interested parties."
ISO 22313:2012, Societal security – Business continuity management systems – Guidance, is available from ISO national member institutes. It may also be obtained directly from the ISO Central Secretariat, respectively through the ISO Store or by contacting the Marketing, Communication & Information department.