1

BCMS concept

• Overview of the ISO 22301 standard. Comparison with BS 25999 and ISO 27001.
• Management systems, business continuity, and process approach.
• Why a BCMS (Business Continuity Management System)?
• Getting your BCMS certified by an independent body?
• BCMS and PDCA (Plan-Do-Check-Act). What do you put in the PDCA?

2

The ISO 22301 standard.

• Overview of clauses 4 to 10 of ISO 22301.
• Clause 4 (Context of the organization): Organization, legal requirements, scope.
• Clause 5 (Leadership): Management commitment, continuity policy, roles and responsibilities.
• Clause 6 (Planning): Actions to address risks, continuity objectives and plans.
• Clause 7 (Support): Resources, awareness, communication, and documented information.
• Clause 8 (Operation): Impact and risk analysis (BIA), protection, continuity plans.
• Clause 9 (Performance evaluation): Measurement, analysis, auditing, management review.
• Clause 10 (Improvement): Handling nonconformity and corrective actions.

3

Implementing a BCMS in accordance with ISO 22301

• Implementation phases of the ISO 22301 framework.
• Impact analysis and risk assessment. Protective and mitigating measures.
• Designing continuity plans and writing procedures.
• ISO 22301 certification audit.

4

Overview of PDCA

• Context of the company. Commitment. Planning. Operation.
• Performance evaluation. Improvement. Risk analysis. Continuity strategy.
• Incident response. Crisis management system.
• Testing, keeping the continuity plan in good condition. Control and auditing.

5

Exam

• Areas of skill covered by the exam. Principles and fundamental concepts. BCMS.
• The certificate issued to attendees grants 14 CPD (Continuing Professional Development) credits.
• The exam meets the requirements of the PECB certification program (ECP Examination and Certification Program).