Information about ISO 22301 certification

Fire, natural disasters, theft, IT failures or a health crisis: Forward-thinking strategies and powerful contingency plans ensure your organization's continued existence and business viability in the event of a crisis. With holistic business continuity management based on ISO 22301 certification, you can prepare your organization for exceptional situations with proven procedures.

Maximum resilience through optimal preparation

Comprehensive understanding of existential key processes

Rapid response capability to unforeseen events

Recognized proof of due diligence and compliance

What is a Business Continuity Management System according to ISO 22301?

A business continuity management system (BCM) based on the international standard ISO 22301 serves to minimize the risk of failure due to serious events that can threaten the existence of your organization. In contrast to conventional risk management, BCM focuses on critical key processes to ensure the continued existence of your organization in the event of an emergency.

BCM as defined by ISO 22301 (current revised version, published in 2019) is a holistic management approach. It includes planning, review and training as well as continuous improvement of organizational processes. The goal of the management system is to firmly embed BCM in your organizational culture.

The established processes must be practiced in your organization on a permanent basis and the findings evaluated. Thus, employees are prepared in the event of an emergency and can act in a purposeful and structured manner despite enormous emotional stress, in order to restore conditions back to normal as quickly as possible.

Like all modern ISO management system standards, the standard is based on the PDCA cycle (Plan-Do-Check-Act) and the High Level Structure. This facilitates integration into an existing management system, for example ISO 9001 (quality).

With a Business Continuity Management according to ISO 22301, you ensure that you effectively meet all necessary compliance requirements as well as international standards.

Show more
Show less

Who is ISO 22301 certification suitable for?

Crises and unforeseen events can affect anyone - that's why an effective ISO 22301 management system is essential for any organization. It strengthens their resilience, improves the stability of processes, shortens downtime and recovery times, reduces the extent of damage, and enables holistic risk management.

Companies of all types and sizes can benefit from the ISO 22301 standard. However, an efficient BCM is particularly relevant for companies and organizations that belong to the Critical Infrastructure (CRITIS). These bear responsibility for the basic supply of the population, which would be particularly affected by critical events.

In this context, the ISO standard is relevant for the following industries, for example:

  • Energy
  • Finance
  • Food
  • Transportation
  • Telecommunications
Show more
Show less

Why is ISO 22301 certification useful for my organization?

An emergency usually occurs suddenly and unexpectedly. Therefore, it is essential to have a continuity management system ready to get your organization safely through the crisis. Certifying your business continuity management enables you to discover possible risks and potential for improvement, thereby ensuring sustainable success.

By conducting a business impact analysis and developing preventive plans early on, you will be able to ensure that relevant threats do not bring affected operational functions to a standstill. The standard establishes requirements that support such documented continuity management in terms of planning, implementation, self-monitoring, and continuous improvement. You are prepared for certification when all standard requirements are firmly embedded in the organizational culture.

As part of the ISO 22301:2019 certification, we assess on-site whether your business continuity management system meets all standard requirements. In doing so, we focus on precisely those aspects that are vital to the survival of your organization. Our auditors identify concrete potential for improvement and provide you with direct recommendations for action - for example, for minimizing risk and damage, improving preventive measures and optimizing emergency plans.

As an outward sign of your success, you receive a certificate - and with it the reassuring certainty that you have mastered the scenarios from your business continuity plans.

Show more
Show less

How does ISO 22301 certification work?

First, you discuss your company, your personal goals and the objectives of an ISO 22301 certification with us. Based on these discussions, you will receive an individual offer tailored to the needs of your company or organization.

These steps prepare the actual audit. Project planning can be useful for larger projects, for example, to plan schedules and the implementation of audits at additional locations or departments. The pre-audit gives you the opportunity to identify strengths and areas for improvement in your system in advance.

The certification audit starts with an analysis of your system. This enables your DQS auditor to determine whether your management system is ready for certification. In the next step, they will assess the effectiveness of the management processes on site. The results are presented in a final meeting. If necessary, action plans are agreed upon.

The audit results are evaluated by the independent certification board of DQS. If all requirements of the ISO 22301 standard are met, you will receive an internationally recognized DQS certificate with a validity period of three years.

In order to maintain the ISO 22301 certificate, key components of your system are audited annually on site. This ensures the continuous improvement and ongoing effectiveness of your system.

The ISO 22301 certificate expires after three years at the latest. A recertification is carried out in good time before expiry to ensure continuous compliance with the requirements. Upon compliance, a new certificate will be issued.


What does ISO 22301 certification cost?

What is security and protection worth to your organization in a crisis? Compared to the potential damages, setting up and certifying an efficient BCM according to ISO 22301 is a necessary investment in your business. The audit scope depends on your organization's size and the number of locations and suppliers. Sometimes, your business sector or products can also result in special requirements.

How high the costs for an ISO 22301 certification actually turn out to be depends on other factors as well. For example, it plays an important role whether you already have a certified management system, such as ISO 9001 (quality). In addition, the complexity of your processes has an influence on the audit duration and costs. For these reasons, the costs for certification according to ISO 22301 cannot be quantified across the board.

Talk to us: We will be happy to provide you with an individual offer for your company, organization or agency.

Show more
Show less

What you can expect from us

  • Value-adding insights into the resilience of your organization
  • More than 35 years of experience in management system and process certification
  • Industry-experienced auditors combine expert knowledge with emotional intelligence
  • Certificates with international acceptance
  • Meaningful audit reports including recommendations for action
  • Personal, smooth support from our specialists - regionally, nationally and internationally
  • Individual offers with flexible contract terms without hidden costs

Show more
Show less

Request a quote

Your local contact: Suchal Junaid

We will be happy to provide you with an individual quote for ISO 22301 certification.