ISO 22301 BCMS Certification

Business Continuity Management System Certification

Business Continuity Management System Certification

WHAT IS ISO 22301?

ISO 22301 is an international framework that has been developed to help businesses identify potential threats to critical business functions and design a business continuity management plan. The standard helps companies build effective backup systems and processes to safeguard against theft, natural disasters, disease outbreaks, terrorist attacks and other extraordinary incidents. ISO 22301 specifies the requirements to plan, implement, monitor, review and improve a company’s business continuity management system, thereby minimising the impact of disruptions.


ISO 22301 certification provides formal business continuity guidelines that will keep your organisation operational during and following a disruption. It seeks to minimise the impact to critical business functions, ensuring they are still capable of being delivered or recovered promptly. The ISO 22301 standard is applicable for companies of all sizes across any industry, particularly those operating in high risk or complex environments where the ability to function without delay is of paramount importance. ISO 22301 business continuity certification also helps you avoid loss of revenue and customers should a major problem occur.


As an internationally recognised certification body, TÜV SÜD offers auditing and certification. TÜV SÜD’s dedicated and experienced auditors possess the accreditation and experience to perform combined auditing exercises and can support you with proficiency in your local language and knowledge of the local market.

Our auditors follow a strict code of conduct that assures you and your customers of our complete independence and professionalism. In addition, our TÜV SÜD certification mark provides you with international recognition and demonstrates your commitment to quality and stable operations.

  • How do I use ISO 22301?

    ISO 22301 BCM certification is essential for any enterprise. You can ensure stability and preparedness in the event of any threats to the functioning of your business. By using this standard for your business processes, you can limit your losses and emerge unaffected from disruptions.


  • What is the purpose of using ISO 22301 standard?

    In this everchanging and volatile business landscape, it is now more important than ever to protect your business from potential disruptions. With this standard, you can commit to recovery and continuity post disruptions to your business.


  • Who needs ISO 22301?

    In general, ISO 22301 BCM certification is a standard which can be implemented by any business. Businesses that are looking to set up a business continuity management system to ensure conformity and wish to document this conformity for third parties should consider certifying to ISO 22301.


  • How long does it take to get ISO 22301 certification?

    For a small- to mid-sized well-prepared organisation, a three to six month period should be sufficient.



  • What will be assessed during the ISO 22301 certification?

    The below are some examples of the areas that will be assessed:

    - Business continuity management scope
    - Business continuity management policy
    - Business continuity management objectives
    - Resource and competency
    - Communication
    - Specifications
    - Management commitment
    - Business impact analysis performance
    - BCP planning


  • How does the certification of ISO 22301 work?

    To be certified for ISO 22301, the process is as follows:

    1) Documentation review – to assess if your business continuity management system complies with the requirements of the ISO 22301 standard.

    2) Conduct Pre-certification audit (optional) - It aims to help SMEs to (i) validate their system implementation against the standards requirements; (ii) gaps identified from the online gap analysis; (iii) identify areas of improvement. Any gaps identified at this stage will have to be rectified before the actual certification audit commences.

    3) Audit Plan Preparation

    4) Conduct Certification audit – Verifies the implementation and compliance of your business continuity management system to the standard

    5) Certificate issuance

    6) Surveillance and Recertification audits – to ensure continuous improvement


  • What are the benefits of ISO 22301 BCMS Certification?

    ISO 22301 Certification has several benefits, some of which are as follows:

    1. Determining and addressing any current or potential threats to your company.
    2. Proactively reducing the impact of incidents.
    3. Maintaining the operation of critical processes during emergencies.
    4. Reducing the interruption caused by incidents and accelerating recovery
    5. Displaying tenacity with respect to clients, vendors, and tender requests

    Disasters impact businesses regardless of the size of the organisation. Therefore, ISO 22301 aids in business continuity for smaller organisations as well. In addition to this, ISO 22301 ensures that your Business Continuity Management System remains compliant and continues to protect your company from new threats.


  • What are the steps to getting ISO 22301 certified?

    The ISO 22301 BCM certification process is simple and consists of the following steps:

    1. Gap analysis (Optional): Involves identification of areas that need more work before starting a formal assessment, saving time and money.
    2. Formal assessment: Reviewing your current business continuity management system against an ISO 22301 checklist is a top priority. Meeting all the requirements ensures that you will be ready for certification.
    3. Certification and beyond: After successfully completing the formal evaluation, an ISO 22301 certificate valid for three years is issued.



ISO 22301

ISO 22301 Business Continuity Management System

Ensure continuity of critical business functions in the event of disruptions


iso/iec 27001 Information security management system

ISO/IEC 27001 Information security management system

Secure your knowledge and information with a systematic approach



Next Steps

Site Selector