Information about ISO 22301 certification
Maximum resilience through optimal preparation
Comprehensive understanding of existential key processes
Rapid response capability to unforeseen events
Recognized proof of due diligence and compliance
What is a Business Continuity Management System according to ISO 22301?
BCM as defined by ISO 22301 (current revised version, published in 2019) is a holistic management approach. It includes planning, review and training as well as continuous improvement of organizational processes. The goal of the management system is to firmly embed BCM in your organizational culture.
The established processes must be practiced in your organization on a permanent basis and the findings evaluated. Thus, employees are prepared in the event of an emergency and can act in a purposeful and structured manner despite enormous emotional stress, in order to restore conditions back to normal as quickly as possible.
Like all modern ISO management system standards, the standard is based on the PDCA cycle (Plan-Do-Check-Act) and the High Level Structure. This facilitates integration into an existing management system, for example ISO 9001 (quality).
With a Business Continuity Management according to ISO 22301, you ensure that you effectively meet all necessary compliance requirements as well as international standards.
Who is ISO 22301 certification suitable for?
Companies of all types and sizes can benefit from the ISO 22301 standard. However, an efficient BCM is particularly relevant for companies and organizations that belong to the Critical Infrastructure (CRITIS). These bear responsibility for the basic supply of the population, which would be particularly affected by critical events.
In this context, the ISO standard is relevant for the following industries, for example:
- Energy
- Finance
- Food
- Transportation
- Telecommunications
Why is ISO 22301 certification useful for my organization?
By conducting a business impact analysis and developing preventive plans early on, you will be able to ensure that relevant threats do not bring affected operational functions to a standstill. The standard establishes requirements that support such documented continuity management in terms of planning, implementation, self-monitoring, and continuous improvement. You are prepared for certification when all standard requirements are firmly embedded in the organizational culture.
As part of the ISO 22301:2019 certification, we assess on-site whether your business continuity management system meets all standard requirements. In doing so, we focus on precisely those aspects that are vital to the survival of your organization. Our auditors identify concrete potential for improvement and provide you with direct recommendations for action - for example, for minimizing risk and damage, improving preventive measures and optimizing emergency plans.
As an outward sign of your success, you receive a certificate - and with it the reassuring certainty that you have mastered the scenarios from your business continuity plans.
How does ISO 22301 certification work?
First, you discuss your company, your personal goals and the objectives of an ISO 22301 certification with us. Based on these discussions, you will receive an individual offer tailored to the needs of your company or organization.
The certification audit starts with an analysis of your system. This enables your DQS auditor to determine whether your management system is ready for certification. In the next step, they will assess the effectiveness of the management processes on site. The results are presented in a final meeting. If necessary, action plans are agreed upon.
The audit results are evaluated by the independent certification board of DQS. If all requirements of the ISO 22301 standard are met, you will receive an internationally recognized DQS certificate with a validity period of three years.
In order to maintain the ISO 22301 certificate, key components of your system are audited annually on site. This ensures the continuous improvement and ongoing effectiveness of your system.
The ISO 22301 certificate expires after three years at the latest. A recertification is carried out in good time before expiry to ensure continuous compliance with the requirements. Upon compliance, a new certificate will be issued.
What does ISO 22301 certification cost?
How high the costs for an ISO 22301 certification actually turn out to be depends on other factors as well. For example, it plays an important role whether you already have a certified management system, such as ISO 9001 (quality). In addition, the complexity of your processes has an influence on the audit duration and costs. For these reasons, the costs for certification according to ISO 22301 cannot be quantified across the board.
Talk to us: We will be happy to provide you with an individual offer for your company, organization or agency.
What you can expect from us
- Meaningful audit reports including recommendations for action
- Personal, smooth support from our specialists - regionally, nationally and internationally
- Individual offers with flexible contract terms without hidden costs