Business Continuity Management


Learn how to prepare and respond to unexpected incidents through ISO 22301:2019

Learn how to prepare and respond to unexpected incidents through ISO 22301:2019


In the modern world business continuity is very crucial for success and maintaining credibility. Business continuity is key to the sustenance and growth for any organization. Organisation needs to be suitably protected against unforeseen events. Customers also wants organizations to plan and prepare for unforeseen events. Organisations can build resilience and capability to support and run critical processes and activities with help of ISO 22301 (Business Continuity Management System).

The organizations are dependent on people and technologies. The frequency and severity of events seem to be increasing due to over reliance on complex networks and ever changing technologies. These trends along with natural incidents leave business susceptible to variety of current and emerging risks. Business Continuity planning and execution is one the most critical component of recovery strategy and can help organisation to protect from long term risks.

The course will be conducted by our experienced lead auditors, who have audited numerous organizations. This intensive course is a key requirement in becoming a registered auditor / lead auditor. The course is structured to provide the knowledge and skills required to assess the Business Continuity Management System of an organization with respect to the requirements of the ISO 22301:2019 international standard.

This comprehensive five-day course comprises of case studies, training and role-plays to ensure that the participant thoroughly understands the role of an auditor / lead auditor and acquires the expertise needed to perform effective audits. Participants who successfully complete the course will be presented with an CQI-IRCA (International Register of Certificated Auditors) registered ‘Certificate Of Achievement.’

Duration: 5 - days course



  • Course objectives

     • Understanding the purpose of Business Continuity Management System.
    • To review the structure and requirements of ISO 22301:2019
    • Applying PDCA approach by establishing, implementing, maintaining and continually improving the Business Continuity Management System, its processes and their interactions.
    • Understanding the role and skills required by an auditor / lead auditor.
    • Understanding the auditing concepts and principles.
    • Understanding the phases of an audit which comprises of planning, conducting, reporting and follow up in accordance with ISO 19011:2018
    • To gain / enhance auditing skills to become an effective Auditor / Lead Auditor

  • Course content

    1. BCMS concepts and ISO 22301 standard
    • BCMS concepts and benefits
    • The purpose, importance and benefits of Business Continuity Management System
    • Business Impact Analysis & Risk Assessment
    • ISO 22301 standard requirements.
    • BCMS documentation.

    2. Auditing concepts
    • Auditing principles.
    • Auditing objectives.
    • Types of audits.
    • Phases of audit.
    • Process approach.

    3. Roles and responsibility of auditors
    • Auditors and lead auditors.
    • The auditors’ responsibilities.
    • The lead auditors’ responsibilities.
    • Auditors qualification and certifications.

    4. Planning an audit
    • Pre-audit planning.
    • Reviewing documentation.
    • Developing an audit plan.
    • Preparing checklists or working documents.
    • Communication factors.

    5. Conducting an audit
    • Opening meeting.
    • Collecting objective / audit evidence.
    • Effective interviewing techniques.
    • Identifying and recording nonconformities.
    • Preparing for the closing meeting.
    • Do’s and Don’t’s of auditing.
    6. Reporting audit results
    • Conducting the closing meeting.
    • Preparing the audit report.
    • Distributing the audit report.

    7. Corrective actions
    • Corrective action responsibilities.
    • Follow up scheduling.
    • Monitoring corrective action.

    8. ISO 22301 registration
    • Choosing a registrar.
    • The registration process.
    • Surveillance audits.

    9. Exercises / Roleplay (50% of course time)
    10. Written examination




Participants will be assessed throughout the course for punctuality, presentation skills, interactive approach, involvement, role-play, daily tests etc. and finally through a written examination at the end of the course. The The examination is ‘closed book’ and only reference material allowed in the examination is a copy of the standard ISO 22301:2019.
• The passing criteria: 70%.

CQI-IRCA Registered Certificate:

• Participants who scores 70% and above in both the continuous assessment and written examination will be issued an CQI (Chartered Quality Institute) & IRCA (International Register of Certificated Auditors) registered certificate of successful completion of the course.
• Unsuccessful candidates will be issued a certificate of attendance from TÜV SÜD South Asia. Note: TUV SUD South Asia as Approved Training Partner of CQI IRCA fulfills all compliances of the course.


This course is specially designed for:

• Business Continuity and Information Security Practitioners, Head – IT, Chief Information Security Officer.
• Business Continuity and Information Security Consultants, Risk Professionals, IT Managers.
• Internal or External BCMS Auditor.
• Operations core group members responsible for establishing, implementing, maintaining and improving BCMS.
• Professionals who have a role to play in the auditing of BCMS.

Prerequisite: Participants who are interested in attending this course must have prior knowledge of the following:

a) Management Systems
• Understanding of the Plan-Do-Check-Act (PDCA) cycle.
• Process approach.

b) Principles and Concepts of Business Continuity Management System (BCMS)
• Knowledge of the requirements of ISO 22301 (with ISO 22313) and the commonly used terms and definitions, as given in ISO 22300;
• Awareness of the components and the need for busniess continuity and the importance of leadership and commitment in BCMS;
• Knowledge of using the results of Business Impact Analysis and Risk Assessments to determine appropriate business continuity strategies and incident response structure;

*Relevant proofs to be submitted. This course is not for filling gaps in the knowledge about the standard, but for enhancing the knowledge about the same with regards to audit context.


The course content and structure are designed by the domain experts from TÜV SÜD.

With immense experience and knowledge in the relevant standards, our team of product specialists and technical experts at TÜV SÜD, developed the course content based on current business landscape and market requirements.

  • What are the benefits of enrolling in this course?
    • World-class training – by learning from TÜV SÜD’s industry experts and training specialists

    • Interactive learning style – with interactive formats such as lectures, illustrations and simulations are used

    • Networking opportunity – where you can meet and build network with like-minded individuals at our instructor-led training

    • Gain a competitive edge – by getting trained by experts known in the fields of safety, security and sustainability



Next Steps

Site Selector