Blog
ISO granted free access to Business Continuity & Risk Management Standards (ISO 22301:2019, ISO 22395:2018, ISO 22320:2018, ISO 22316:2017 & ISO 31000:2018)
People and organization safety is always a high priority for every organization, but even more so in times like these. Considering the COVID-19 outbreak, the International Organization for Standardization (ISO) has extended their support by enabling free access to Business Continuity, Resilience and Risk management standards.
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). IEC and ISO International Standards represent global consensus on a solution to a particular issue.
They provide requirements, specifications, guidelines or characteristics that can be used consistently to ensure that materials, products, processes and services are safe to use and fit for their purpose.
International Standards offer strategic answers for businesses in their attempt to decrease costs, increase productivity, access new markets, and facilitate freer and fairer global trade.
The standards are available in read-only format, and you can find the links here:
ISO 22301:2019 Security and resilience – Business continuity management systems –Requirements. This document specifies the structure and requirements for implementing and maintaining a business continuity management system (BCMS) that develops business continuity appropriate to the amount and type of impact that the organization may or may not accept following a disruption
ISO 22395:2018 Security and resilience – Community resilience – Guidelines for supporting vulnerable persons in an emergency.
This document gives guidelines for identifying individuals who are the most vulnerable to an emergency and how to include them in the preparation, response and recovery from events, incidents and emergencies. Emergencies have different effects on people; for example, some individuals will become less able to anticipate, cope with, resist or recover from the impacts of an emergency.
ISO 22320:2018 Security and resilience – Emergency management – Guidelines for incident management
In recent years, there have been many disasters, both natural and human-induced, and other major incidents which have shown the importance of incident management in order to save lives, reduce harm and damage, and to ensure an appropriate level of continuity of essential societal functions.
This document provides guidance for organizations to improve their handling of all types of incidents (for example, emergencies, crisis, disruptions and disasters).
The multiple incident management activities are often shared between organizations and agencies, with the private sector, regional organizations, and governments, have different levels of jurisdiction. Thus, there is a need to guide all involved parties in how to prepare and implement incident management.
ISO 22316:2017 Security and resilience – Organizational resilience – Principles and attributes
Organizational resilience is the ability of an organization to absorb and adapt in a changing environment to enable it to deliver its objectives and to survive and prosper.
More resilient organizations can anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience can be a strategic organizational goal, and is the outcome of good business practice and effectively managing risk.
This document establishes the principles for organizational resilience. It identifies the attributes and activities that support an organization in enhancing its resilience.
This document includes:
- Principles providing the foundation for enhancing an organization’s resilience;
- Attributes describing the characteristics of an organization that allow the principles to be adopted;
- Activities guiding the utilization, evaluation and enhancement of attributes.
ISO 31000:2018 Risk management – Guidelines
Organizations of all types and sizes face external and internal factors and influences that make it uncertain whether they will achieve their objectives.
Managing risk is iterative and assists organizations in setting strategy, achieving objectives and making informed decisions.
Managing risk is part of governance and leadership, and is fundamental to how the organization is managed at all levels. It contributes to the improvement of management systems.
Managing risk is part of all activities associated with an organization and includes interaction with stakeholders.
Managing risk considers the external and internal context of the organization, including human behaviour and cultural factors.
You can find more information on various relevant topics here.
Thank You
ISO Trainer & Consultant Email maheshpande@yahoo.com