Business Continuity Management System (ISO/IEC 22301:2019)

Identifying and managing threats that could potentially impact business continuity is becoming increasingly important in today’s business landscape. It is therefore essential to implement a Business Continuity Management System (BCMS).

The ISO 22301 standard specifies the requirements necessary for a management system to protect and reduce the probability of accidents that may occur within the context of the organization, as well as to optimize response times and the restoration of activities following destabilizing events.

We will then proceed, with your support, to the analysis of the various controls suggested by ISO 22301 and the implementation of the BCMS providing tools and recommendations for the identification and understanding of risks, objectives and responsibilities. We will provide support in the planning and drafting of plans and policies to ensure that the organization has the necessary characteristics to respond effectively to accidents and catastrophic events so as to drastically reduce damage.

All this will be included within a PDCA cycle (Plan, Do, Check, Act) able to monitor the results of the BCMS (also allowing continuous improvement) and accompanied by the identification and drafting of the basic documented information required by the standard, such as:

• Risk Assessment
• BIA (Business Impact Analysis)
• Business Continuity Strategy
• Business Continuity Procedures
• Exercising and Testing

Leveraging the experience developed by the professionals of ICTLC – ICT Legal Consulting in the field of GDPR legal compliance, our Cybersecurity Advisors are able not only to verify the correct application of ISO/IEC 22301:2019 controls, but also to relate them to the correct fulfilment of legal obligations regarding the protection of personal data.