Why should Indian businesses implement ISO 22301 standard?

News

Why should Indian businesses implement ISO 22301 standard?

Sanil Nadkarni

As the datacenter becomes the core of company operations, business continuity and disaster recovery is becoming increasing important to prevent catastrophic events disrupting the business and causing huge losses.

There are many business continuity standards across the globe but the latest is the

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

ISO 22301 standard, which has its root in the BS 25999 standard. ISO is an internationally adopted standard with global presence in more than 200 countries. Using this standard not only gives confidence to customers but also gives adopters an international foot print.

The ISO 22301 standard is founded on the existing Plan-Do-Check-Act model, which is ubiquitous to the ISO organization.

Many Indian companies have already certified themselves on the BS 25999 standard and it is prudent to eventually transition to ISO 22301 standards.

Prashant Kaikini, assistant vice-president at software services firm Indus Pvt Ltd said: “ISO is a catalyst in providing assurances to our clients of the services we render. ISO 22301 provides a robust framework in building business continuity processes.”

Because ISO is universally accepted, it gives multi-national companies a consistent platform approach to deploy the standard regardless of its size or complexity.

Kishor Rao, director at ecommerce and real estate firm Go2 Reality said: “We have a heterogeneous IT eco system and intricate business processes, coupled up with ever-changing customer requirements. Hence it’s pivotal for us to have a standard that can be woven into our existing fabric. We have adopted the ISO 22301 standard as a baseline to integrate and fine tune our existing processes and thus reducing business impact due to disruption. “

The standard will be especially important for multinational firms that need a consistent cross-enterprise approach to BCM. The standard is also easily scalable so it can be adapted to organizations of nearly any size.  Its structure and organization also make it a strong audit tool. 

The key premise on building a business continuity strategy is to understand and reflect the needs of customers. It should be integrated with the business processes and woven into its existing IT eco-system.

The new standard can be integrated with other existing ISO standards which are widely implemented such as ISO 27001, thus giving a baseline and uniformity.

ISO 22301: 2013 Business continuity management systems emphasizes the importance of:

  • Greater emphasis on setting the objectives, monitoring performance and metrics
  • Clearer expectations on management
  • More careful planning for and preparing the resources needed for ensuring business continuity

Structural components of a management system framework with a business continuity management system include:

  • Identify crucial risk factors already affecting your organization;
  • Understand your organization’s needs and obligations;
  • Establish, implement and maintain your business continuity management system (BCMS);
  • Measure your organization’s overall capability to manage disruptive incidents;
  • Guarantee conformity with stated business continuity policy.