Everything you need for your Business Continuity Management System implementation and ISO 22301 certification project

1. www.itgovernance.co.ukwww.itgovernance.co.uk
Business Continuity Management & ISO22301
Everything you need for your implementation and certification project
Implement a BCMS
effectively and efficiently
with documentation toolkits
Train your staff with
ISO22301 BCMS Foundation
and Advanced level courses
Receive professional
business continuity
consultancy support
Achieve compliance with
ISO22301, the international
Business Continuity
Management Standard
Deliver Cyber Resilience by
integrating ISO22301 with
ISO27001

2. What is ISO/IEC 22301:2012?
ISO/IEC 22301:2012 is the international Standard for
business continuity management within organisations.
It defines the specification and best practice for
developing and implementing a robust business
continuity management system.
ISO/IEC 22301:2012 (Societal Security - Business
Continuity Management System – Requirements) was
published in May 2012 and replaces the BS25999
Standard. All organisations that hold BS25999 are
required to make the transition to the new ISO22301
Standard within the transition period which is likely to be
no more than 24 months.
Why is implementing a BCMS important?
Organisational survival depends on business resilience.
Fire, flood, disease or other acts of nature can destroy a
business in moments. Intelligent contingency planning
is a pre-requisite for sleeping well at night and for
maintaining your customer base!
Service disruptions, delays in responding to customer
requests, inability to process transactions in a timely
manner or being unable to resume business in the
face of a disaster, can all have significant impact on the
effective operation and the profitability of the business.
Recent natural disasters as well as terrorist activities have
shown that an organisation’s resilience and its ability
to resume business quickly and efficiently, are directly
related to its preparedness to respond to unforeseen
events.
In the public sector, organisations have a responsibility
to ensure the continuation of critical services in the event
of any disruption or crisis. In the UK, this responsibility
is defined in law under the UK Civil Contingencies Act
2006.
A Business Continuity Management System (BCMS)
enables organisations to update, control and deploy
these plans and align them with their strategic and
operational objectives.
‘IT Governance has a brand reputation that I trust.’
Andrew Dalrymple, Managing Consultant, GSS Ltd
What is a BCMS?
The ISO22301 Standard defines a Business Continuity
Management System (BCMS) as:
‘Part of the overall management system that establishes,
implements, operates, monitors, reviews, maintains and
improves business continuity’
The benefits of a BCMS
• Create effective operational business continuity plans
• Ensure all business continuity plans (BCP) are fit for
purpose
• Align BCPs with strategic organisational objectives
• Continually improve BCPs as the organisation grows
• Reduce the cost of business interruption insurance
policies
• Satisfy a condition for a licence to operate (e.g. UK
SRA Code of Conduct 2011)
• Satisfy Corporate Governance obligations
The benefits of ISO22301 certification
• Demonstrate to key stakeholders (customers,
suppliers and partners) that you are committed to
them for the long term
• Increase your competitive advantage and enhance
your reputation
• Protect your financial income and business assets
• Comply with all mandatory legal and regulatory
requirements
• Align and integrate with ISO9001, ISO27001,
ISO14001, ISO20000 and ISO28000 management
standards to deliver significant benefits
Sign up for the latest information and products
about ISO22301 on our website:
www.itgovernance.co.uk/ISO22301-Business-
Continuity-Standard.aspx

3. Business Continuity Management Library
From a copy of the ISO22301 Standard to essential
books, we offer everything you need to get started:
www.itgovernance.co.uk/shop/c-324-books.aspx
ISO22301 BCMS
Implementation Toolkit
The toolkit contains all the
templates and tools that enable
a Business Continuity manager
to quickly and effectively
implement a BCMS in line with ISO22301.
This toolkit comes with an inbuilt 12-month support and
upgrade contract that ensures that buyers benefit from
all improvements to the toolkit, and provides online
documentation drafting support.
www.itgovernance.co.uk/shop/p-1039.aspx
There is a free demo version of this toolkit available at:
www.itgovernance.co.uk/free_trial.aspx.
‘The course enables me to complete a BCP to a higher quality with greater
assurance.’
Antony Green, IT Manager, Raven Housing Trust Ltd
Why Choose IT Governance to help you achieve certification to ISO22301?
• We have over 10 years of experience with management standards and compliance
• We have been involved with the Business Continuity Standard (BS25999) since its first publication
• We are a single source provider of resources required to implement best practice and achieve certification
• We can help you integrate your BCMS with other management systems
• We have extensive knowledge and experience of integrating ISO22301 with ISO27001 to deliver Cyber
Resilience and protect the information assets in your organisation
Certified Training
IT Governance offer delegates the opportunity to attain
an industry standard qualification and to help their
organisation achieve compliance and best practice with
the ISO22301 Standard.
ISO22301 BCMS Foundation Training Course
This one-day training course provides an introduction to
the best practices associated with Business Continuity
Management as defined by the ISO22301 standard.
www.itgovernance.co.uk/shop/p-694.aspx
ISO22301 BCMS Lead Implementer Training Course
This three-day training course is ideal for anyone
involved in or responsible for implementing a Business
Continuity Management System (BCMS) that conforms
with ISO22301.
www.itgovernance.co.uk/shop/p-695.aspx
ISO22301 BCMS Lead Auditor Training Course
This 4.5 day training course provides delegates with
the practical knowledge and skills required to plan and
execute an effective audit of a BCMS that conforms to
ISO22301.
www.itgovernance.co.uk/shop/p-1264.aspx
Acknowledged Certification
Delegates who successfully complete the examinations
associated with the ISO22301 BCMS Foundation, Lead
Implementer and Lead Auditor courses are awarded
qualifications approved by the International Board for IT
Governance Qualifications (IBITGQ).

4. Cyber Resilience
The importance of mitigating the disruption to
information technology services has been at the heart of
disaster recovery and business continuity plans for many
years. With the growth of IT and the increased risk of
attack from outside sources (cyber attack), the survival of
all organisations will depend upon the protection of their
critical information assets.
The idea of cyber resilience – that an organisation’s IT
systems and processes should be resilient against natural
disaster or outside attack is a key principle underlining
the ISO22301 and ISO27001 Standards.
ISO22301 and ISO27001 have been designed to
work together to provide a complete ‘cyber resilience’
management solution.
ISO/IEC 27001:2005 is the internationally recognised
standard that helps businesses throughout the world
mitigate the risks associated with cybercrime and
provides the security assurance demanded by your
board, shareholders, regulators and most importantly,
your customers.
Control A.14 of the ISO27001 standard deals with
Business Continuity. The five sub-clauses of A.14 of
ISO27001 are primarily concerned with how information
security should be included in a business continuity plan.
The ISO/IEC 27031:2011 Guidance for ICT Readiness
for Business Continuity Standard provides the essential
linkage between information security management and
cyber resilience.
IT Governance is an acknowledged leader in the
provision of ISO27001 and ISO22301 products
and services. We are uniquely positioned to help
your organisation implement a comprehensive
cyber resilience management system and become
certificated to the international ISO27001 and
ISO22301 standards.
Call us on +44 (0)845 070 1750 to discuss your
requirements.
www.itgovernance.co.uk/ISO22301-Business-Continuity-Standard.aspx
E-mail: servicecentre@itgovernance.co.uk
Phone: + 44 845 070 1750
Version 2.2
Business Continuity Consultancy Services
If you choose to use the IT Governance Consultancy
services for your ISO22301 project, we will provide a
free initial assessment to establish how exposed your
business is. From this, we can help you identify what
you need to do to fully meet the requirements of the
ISO22301 Standard.
By working with us, you will gain the following benefits:
• You will be in control of all of your certification costs
with our transparent pricing
• We will help you increase internal buy-in and assist
you with leveraging your resources to achieve your
compliance goals
• You will be able to access a wealth of information
under one roof with our comprehensive, integrated
Business Continuity Management resources,
including:
- Experienced consultants
- Risk management experts
- Technical BCM knowledge
- Professional trainers and training courses
- Books and support tools
• We will link your ISO22301 business continuity
framework with your ISO27001, COBIT®
, ISO20000,
ITIL®
, PCI DSS, and other management frameworks
• We will tailor your BCM system to your requirements
to ensure it continues to be cost-effective to run while
meeting ISO22301 requirements
Recognised by third party accredited
certification bodies
Whilst independent of vendors and certification
bodies, encouraging clients to select the best-fit for
their needs and objectives, IT Governance is widely
recognised amongst UKAS accredited certification
bodies as a leading ISO27001 and ISO22301
consultancy.