iso 22301 bsi
DESCRIPTION
Business Continuity Management standardTRANSCRIPT
Introducing ISO 22301, the new global standard for BCM
Gian Luca Conti
BSI Regional Compliance & Risk Manager
Why we need a BCM?
• 72% of companies surveyed had experienced at least one disruption to their supply chain.
• 83% had experienced disruption over all.
2
Business Continuity Management - Drivers
CEO’s main focus:
•Reputational Impairment•Market Share Loss•Increased Customer Confidence•Governance Expectation “The Right Thing To Do”
Are organisations ready for the next crisis?83% AGREE BCM is important/very important yet…*
• 58% of CEO’s surveyed say they have BCM plans in place
• 50% of organizations with BCM report that it includes plans forhandling the media
• 45% of organizations with BCM do not require any supply chain partners to have their own plans
• 50% of organizations with BCM exercise their plans once a year.
• Around 25% fail to exercise their plans on a regular basis.
* BSI/BCI/Cabinet Office survey 2012 with Chartered Management Institute (CMI)
4
The Benefits BCM Brings
Clients were asked on a scale of 1-10 whether they recognized the benefits listed on the graph. The percentage of respondents who selected 6 or more is graphed here.
5
0
10
20
30
40
50
60
70
80
90
100
Recovery Speed Increased Revenue Improved
Reputation
88% 72% 98%
Pe
rce
nta
ge
of
resp
on
se
nts
re
co
gn
isin
g t
his
be
ne
fit
* Based on 39 responses from a BSI survey
6
International development of BCMPAS 56 BS 25999 ISO 223012003 2006 2012
• Started as a “PAS” (Publicly Available Specification) by BSI
• Became British Standard BS 25999 in 2006
• New ISO 22301 (16 May 2012)
7
BS 25999: the story so far…
• ISO 22301 supersedes BSI’s British Standard BS 25999 – the world’s most recognised & adopted BCM standard.
• BS 25999 sold in over 100 countries.
• Certificates in 43 countries.
• Certificate applications in another 15 countries*
• 800 sites already certified by BSI with 400 pending*
• Market leaders in BS 25999 certification.
* these will likely transition to ISO 22301
BS 25999 global adoption
ICT39%
Financial Services15%
Distribution12%
Professional Services
11%
Business Services7%
Electricity Production5%
Construction Manufacturing
6%
Other5%
BS 25999 – multi-sector adoption
ICT39%
Financial Services15%
Distribution12%
Professional Services
11%
Business Services7%
Electricity Production5%
Construction Manufacturing
6%
Other5%
Today ’s conference
20%
30%0%
9%
33%
0%
5%3%
Existing BSI BS 25999 clients
Introducing ISO 22301
• New international standard for business continuity management (BCM)
• Its official title is ISO 22301 Societal Security - Business continuity management system - Requirements
• All core business continuity elements in BS 25999-2 are present in ISO 22301
What is ISO 22301?
• Provides the requirements for a business continuity management system (BCMS)
• Based on global BCM best practice
• Created in response to strong interest in the original British Standard BS 25999-2 and other regional standards
• BS 25999-2 key source text in its development
• For those certified to or aligned with BS 25999-2, the additional requirements are not onerous
Societal Security and BCM?
• ISO 22301 now comes under a wider societal security remit
• This acknowledges the important role that BCM has to play in protecting society and ensuring our ability to respond to incidents, emergencies and disasters.
Benefits of adopting a systems approach to managing BCM
• Allows organizations to benefit from global BCM best practice, regardless of whether they are planning to certify or not
• Provides a foundation and a common vocabulary for BCM best practice and guidance
• Consensus standards like ISO 22301 represent the input and recommendations of hundreds of BC professionals and industry experts
To certify or not to certify?
• Certification offers many advantages, including:
� It challenges your BCM programme and organization to reach a higher level of maturity and preparedness
� Supply chain requirement
� Prequalification for tenders
� Provides a competitive advantage
� Signifies a base level of readiness and a commitment and seriousness about BCM
Why customers choose BSI• 80% of customers choose BSI because of our reputation. We are
known worldwide for our independent and objective guidance, and appraisals that people trust.
• The second driver for choosing BSI is quality: the quality and expertise of our people, and the quality of our products and services.
� 91% is the average satisfaction rating of BSI client managers/auditors
� 88% is the average BSOL advisor satisfaction rating
� 92% is the average tutor content knowledge and delivery rating
• As a result we have a consistent 90% annual customer retention.
We make excellence a habit!
BSI Services• Information and guidance
• Gap-analysis
• Second and third-party auditing and verification
• Registration and certification
• Continual assessment and strategic reviews
• Business improvement tools, performance benchmarking and software solutions
19