14. Jan 2020

What is new?

ISO 22301:2019

The new revision of ISO 22301 – Business Continuity Management Systems was published on October 30 and is now available as ISO 22301:2019; the changes are minor.

The focus was laid on increasing the standard’s practical suitability; this is already reflected by the new name – the former title „Societal security” of the 2012 version has been changed to „Security and resilience – Business continuity management systems – Requirements” in the 2019 version.

ISO 22301 is the first Standard that specifies the requirements for implementing and maintaining an effective business continuity plan. It will help an organization to respond more effectively and to recover more quickly to disruption, thus reducing the impacts on persons, products and the company performance.

The key changes in ISO 22301:2019:

  • focus on a resilient organization to adapt to changes more effectively
  • focus on quick recovery from disruption based on response plans and employees who know how to respond in case of disruptive incident
  • systematic identification of internal weaknesses to mitigate them and implementation of plans to respond in case of disruption
  • redundancies of texts and requirements have been removed
  • 100% adaption of the „high level structure“
  • improved and „process-oriented“ structure – clear and logical operational sequence
  • emphasis on processes
  • enhanced user-orientation such as
    • 4.1 – “Context of the organization” – documentation requirements have been reduced
    • 5.1 –„Leadership and commitment“ and management commitment are now summed up in one clause
    • 5.2 – Active participation of management in response exercises is no longer required
    • 6.3 – It is now required to plan the changes to the BCM management system
    • 8.2 – A BIA (Business Impact Analysis) now should take impact categories as a starting point
    • 8.3 – In the previous version of the standard, the focus was on BCM strategies; now, the practical focus is also on finding solutions for specific risks and impacts
  • improved integration into existing management systems, such as ISO 9001, ISO 14001; ISO 45001, etc.
  • instead of an organization’s risk appetite, the focus is now on impacts and the extent to which an impact is acceptable for an organization.

The transition period will be 3 years, which means, after 30 October 2022 certificates for ISO 22301:2012 will no longer be valid.

Contact Persons Risk and Security

Team

Mr. Eckehard Bauer, MSc

Executive Vice President Business Development Risk and Safety, Security, Business Continuity, Transport

Team

Mr. Klaus Weitmann

Key Account Management and Business Development

News & Events

The basis for long-term success!

18. Sep 2020

Protect your organization from damage

Avoiding business disruption

Learn more
25. Aug 2020

Purpose – Creating a meaning for your business

Central element of the organizational policy

Learn more
24. Aug 2020

Agility in the VUCA world

The order of the day

Learn more
21. Aug 2020

Digitalization – Quality in the age of Industry 4.0

Quality 4.0

Learn more
20. Aug 2020

These 8 quality trends will affect Austria’s companies in the next 10 years

Study shows how the concept of quality will change

Learn more
10. Aug 2020

ISO 9001 User Survey 2020

Formal "systematic review" of standard ISO 9001:2015

Learn more
13. May 2020

System certification in the time of Corona

Short overview of adjusted frameworks for audits during Corona.

Learn more
19. Mar 2020

Handling COVID-19

Our support in these challenging times

Learn more
15. Jun 2021

Event: 64th EOQ Congress

Effective Education & Quality Management

Learn more
14. Jan 2020

Optimizations within the supply chain

ISO 41001 & ISO 55001

Learn more
14. Jan 2020

Anti-corruption: a challenge

ISO 37001

Learn more
10. Jan 2020

The future of quality – will ISO 9001 be revised soon?

by Anni Koubek

Learn more
+43 732 34 23 22