BS 25999 and ISO 22301 Introduction

A standard approach to Business Continuity Management (BCM) has been mooted and suggested for decades. Prototype draft standards have been published, but never really quite gained the momentum to succeed. This void has therefore been obvious and glaring for a long time. However, this landscape finally changed dramatically late in 2006, with the publication of the first part of BS 25999, a code of practice for business continuity management.

The concept of the standard itself has also been on the table for quite a long time. BSI published a draft standard known as PAS56 back in 2003. This was largely for public comment: the normal process adopted by BSI as part of the development of its major standards. In 2006 a draft version of BS25999-1 was published, again for public comment. Eventually, in November of that year, the standard was finally born, with a fanfare of announcements, conferences and podcasts.

A similar process followed in November 2007 when the second and final part of the standard was published. BS 25999-2 is the specification, against which certification will be offered.

ISO 22301
As with so many BSI standards, an ISO standard eventually emerged: ISO 22301. Although the influence of other standards is clear, the foundation was based upon BS25999-2. It was published in May 2012. More details: Introducing ISO 22301

------------------------------------------------------

BS25999-1 Table of Contents
Title Section Page
Scope and Applicablility 1 1
Terms and Definitions 2 1
Overview of BCM 3 6
The BCM Policy 4 10
BCM Programme Management 5 13
Understanding the Organization 6 16
Determining Continuity Strategy 7 21
Developing and Implementing a Continuity Response 8 26
Exercising, Maintaining and Reviewing 9 35
BCM in the Organization's Culture 10 40

BS25999-2 Table of Contents
Title Section Page
Scope 1 1
Normative References 2 1
Definitions/Terms 3 2
Planning a BCMS 4 7
Implementing and Operating a BCMS 5 10
Monitoring and Reviewing the BCMS 6 14
Maintaining and Improving the BCMS 7 15



The certification scheme for the latter is still in its infancy. However, at last: a consistent and international third party measure of an organization's business continuity processes exists.



BS 25999 And ISO 22301 World

This portal is dedicated exclusively to business continuity management using the BS25999 and ISO 22301 standards. We will bring you news of all developments related to the standard, including hints/tips, basic information, resources, and even a forum to discuss issues arising. Hopefully, we will provide invaluable assistance to those organizations seeking to adopt a consistent and quality approach to BCM.

Official sources of the standard.