ISO 22301: A Specification for BCM
The ISO standard, ISO 22301, "Societal security -- Preparedness and Continuity Management Systems -- Requirements", specifies requirements for setting up and managing an effective Business Continuity Management System (BCMS).
Like the second part of BS 25999, upon which it is largely based, it details the requirements for a BCM System and will be auditable, which enables organizations to demonstrate compliance. Certification will therefore be available against this standard.
The contents of the standard are as follows:
Section 1: The scope of the plan.
Section 2: Normative Reference.
Section 3: Context of the organization (including determining the scope of the management system).
Section 4: Understanding of the organization, its needs and the scope of the management system relative to the business.
Section 5: Leadership (including organizational roles, responsibilities and authorities).
Section 6: Planning (including objectives and plans to achieve them).
Section 7: Support (including resources, competence, awareness, communication).
Section 8: Operation of the Business Continuity Management System.
Section 9: Performance Evaluation (including monitoring, measurement, analysis and evaluation).
Section 10: Continuous Improvement.