All you need to know about the ISO 22301 certification

Fire, natural disasters, theft, IT failures, or a health crisis: Forward-thinking strategies and powerful contingency plans ensure your organization's continued existence and business viability in the event of a crisis. With holistic business continuity management based on ISO 22301 certification, you can prepare your organization for unexpected situations.

Maximum resilience through optimal preparation

Comprehensive understanding of existential key processes

Quick response capability to unforeseen events

Recognized proof of due diligence and compliance

Beschreibung Standard/Regelwerk

How does ISO 22301 define a Business Continuity Management System?

A business continuity management system (BCM) based on the international standard ISO 22301 serves to minimize the risk of failure due to serious events that can threaten the existence of your organization. In contrast to conventional risk management, BCM focuses on critical key processes to ensure your organization can keep operating in the event of an emergency.

BCM as defined by ISO 22301 (current revised version, published in 2019) is a holistic management approach. It includes planning, review and training as well as continuous improvement of organizational processes. The goal of the management system is to firmly embed BCM in your organizational culture.

The established processes must be practiced in your organization on a permanent basis and the findings evaluated. This way employees are prepared and trained to restore conditions back to normal as quickly as possible in the event of an emergency.

Like all modern ISO management system standards, the standard is based on the PDCA cycle (Plan-Do-Check-Act) and High Level Structure. Because of this, ISO 22301 can be integrated with other an existing management systems, such as ISO 9001 (quality).

With a Business Continuity Management according to ISO 22301, you ensure that you effectively meet all necessary compliance requirements as well as standards in North America and abroad.

Show more
Show less

Is the ISO 22301 certification right for my company?

Crises and unforeseen events can affect anyone - that's why an effective ISO 22301 management system is essential for any organization in the U.S. It strengthens their resilience, improves the stability of processes, shortens downtime and recovery times, reduces the extent of damage, and enables holistic risk management.

Companies of all types and sizes can benefit from the ISO 22301 standard. However, an efficient BCM is particularly relevant for companies and organizations that belong to the Critical Infrastructure (CRITIS). These take on responsibility for the basic supply of the population, which would be particularly affected by critical events.

In this context, the ISO standard is relevant for the following industries:

  • Energy
  • Finance
  • Food
  • Transportation
  • Telecommunications
Show more
Show less

Why is the ISO 22301 certification beneficial for my organization?

Emergencies typically occur suddenly and unpredictably. Therefore, it is essential to have a continuity management system ready to guide your organization safely through the crisis. Certifying your business continuity management enables you to discover possible risks and potential for improvement, to ensure sustainable success.

By conducting a business impact analysis and developing preventive plans early on, you can ensure that significant threats do not bring affected operational functions to a halt. The standard establishes requirements that support documented continuity management in terms of planning, implementation, self-monitoring, and continuous improvement. You are prepared for certification when all standard requirements are firmly embedded in the organizational culture.

As part of the ISO 22301:2019 certification, we assess on-site whether your business continuity management system meets all standard requirements. In doing so, we focus on precisely the aspects that are vital to the survival of your organization. Our auditors identify potential for improvement and provide you with direct recommendations for action such as minimizing risk and damage, improving preventive measures, and optimizing emergency plans.

As proof of your success, you will receive an ANAB accredited ISO 22301 certificate that demonstrates that you have mastered the scenarios from your business continuity plans.

Show more
Show less

How can my company get ISO 22301 certified with DQS Inc.?

First, we discuss your company and the objectives of an ISO 22301 certification. Based on this conversation, you will receive an individual quote tailored to the needs of your company or organization.

Once a contract is signed, we will work with you to set a mutually agreeable date for the audit. The optional gap assessment gives you the opportunity to identify strengths and areas for improvement in your system in advance.

The certification audit starts with an analysis of your system, stage 1 audit. This enables your DQS auditor to determine whether your management system is ready for certification. In the stage 2 audit, they will assess the effectiveness of the management processes on site. The results are presented in a final meeting and if necessary, action plans are agreed upon.

The audit report and other documents are evaluated by the independent certification board of DQS Inc. If all requirements of the ISO 22301 standard are met, you will receive an internationally recognized and ANAB certified DQS certificate that will remain valid for three years.

In order to maintain the ISO 22301 certificate, key components of your system are audited annually or biannually on-site. This checks the continuous improvement and ongoing effectiveness of your system.

The ISO 22301 certificate expires after three years at the latest. A recertification is carried out by DQS Inc. in time before expiration to ensure continuous compliance with the requirements. Upon confirmed compliance, a new certificate for ISO 22301 will be issued.


What does ISO 22301 certification cost?

What is security and protection worth to your organization in a crisis? Compared to the cost of potential damages, setting up and certifying an efficient BCM according to ISO 22301 is a worthwhile and necessary investment in your business. The audit scope depends on your organization's size, the number of locations, and suppliers. Sometimes, your business sector or products can also result in special requirements.

How high the costs for an ISO 22301 certification are dependent on other factors as well. For example, it plays an important role whether you already have a certified management system, such as ISO 9001 (quality). In addition, the complexity of your processes influences the audit duration and costs. For these reasons, the costs for certification according to ISO 22301 cannot be quantified across the board.

We are happy to provide you with an customized quote for your company, organization, or agency.

Show more
Show less

What you can expect from us

  • Value-adding insights into the resilience of your organization
  • Over 35 years of experience in management system and process certification
  • Industry-experienced auditors combine expert knowledge with emotional intelligence
  • ANAB accredited certificates with international acceptance
  • Meaningful audit reports including recommendations for action
  • Personal, smooth support from our specialists based in the United States with international support
  • Individual offers with flexible contract terms with no hidden costs


Show more
Show less

Request a quote

Your local contact

We will be happy to provide you with an individual quote for ISO 22301 certification.