ISO 22316:2017 Security and resilience - Organizational resilience - Principles and attributes

This International Standard provides guidance to enhance organizational resilience for any size or type of organization. It is not specific to any industry or sector. ISO 22316 can be applied throughout the life of an organization. It does not promote uniformity in approach across all organizations, as specific objectives and initiatives are tailored to suit an individual organization's needs.

Organizational resilience is the ability of an organization to absorb and adapt in a changing environment to enable it to deliver its objectives and to survive and prosper. More resilient organizations can anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience can be a strategic organizational goal, and is the outcome of good business practice and effectively managing risk.

An organization’s resilience is influenced by a unique interaction and combination of strategic and operational factors. Organizations can only be more or less resilient; there is no absolute measure or definitive goal.

A commitment to enhanced organizational resilience contributes to:

an improved ability to anticipate and address risks and vulnerabilities;
increased coordination and integration of management disciplines to improve coherence and performance;
a greater understanding of interested parties and dependencies that support strategic goals, and objectives.

Roy

Brian Roylett (Australia), the project leader responsible for the development of ISO 22316, explains:

"There is no single approach to enhance an organization’s resilience. There are established management disciplines that contribute towards resilience but, on their own, these disciplines are insufficient to safeguard an organization’s resilience. Instead, organizational resilience is the result of the interaction of attributes and activities, and contributions made from other technical and scientific areas of expertise. These are influenced by the way in which uncertainty is addressed, decisions are made and enacted, and how people work together."

ISO 22316 establishes the principles for organizational resilience. It identifies the attributes and activities that support an organization in enhancing its resilience. It includes:

principles providing the foundation for enhancing an organization’s resilience;
attributes describing the characteristics of an organization that allow the principles to be adopted;
activities guiding the utilization, evaluation and enhancement of attributes.

ISO 22316:2017, Security and resilience - Organizational resilience - Principles and attributes, is available from ISO national member institutes. It may also be obtained directly from the ISO Central Secretariat, respectively through the ISO Store or by contacting the Marketing, Communication & Information department.

https://www.instagram.com/p/CB0aO8pneSG/?utm_source=ig_web_copy_link

Upcoming events

28 Feb, Zoom
Working Group 1

5 March, Zoom
Communication Group meeting

[tbd], 2024
11th ISO/TC 292 plenary meeting

Topics

Authenticity, integrity and trust for products and documents
Business continuity management
Community resilience
Crisis management
Emergency management
Event management
Organizational resilience
Protective security
Supply chain security
Terminology

This website has been developed by Swedish Civil Contingencies Agency in collaboration with ISO and Swedish Institute for Standards responsible for the ISO/TC 292 secretariat

An overview of ISO/TC 292 can also be found at the ISO webpage.

ISO

SIS