ISO 22301 Certification Mark

Certified Business Continuity Management System

Certified Business Continuity Management System

Certification:ts-iso-22301

Management system certification / Voluntary assessment

Basis of certification:

ISO International Organization for Standardization

Standard owner:

Management system certification / Voluntary assessment

WHAT DOES THE ISO 22301 STANDARD DEFINE?

  • ISO 22301 standard specifies the requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.
  • ISO 22301 ensures continuity of business delivery of products and services after occurrence of disruptive events (e.g., natural disasters, man-made disasters, etc.). The identification of business continuity priorities (through business impact analysis), evaluation of how potential disruptive events can affect business operations (through risk assessment), formulating preventive action plan for such events before happening, and then outlining a recovery plan to regain normalcy in the shortest time possible (i.e., business continuity plans and procedures).

WHAT DO “CERTIFICATION” OR THE ISSUE OF A CERTIFICATION MARK ACCORDING TO ISO 22301 BY TÜV SÜD PSB PTE. LTD. MEAN?

  • The customer has submitted to voluntary certification audit, according to defined criteria (ISO 22301 standard).
  • A certificate and the authorisation to use a certification mark are only issued when all of the non-conformities from the certification audit are addressed and the Business Continuity Management System of the organization meets all the requirements of the standard.
  • The validity of the certificates and/or certification marks is three years and maintained through the annual surveillance every 12 months and the complete review of the management system after three years.

HOW IS THE ASSESSMENT/AUDIT PERFORMED?

Independent and qualified experts (auditors) apply the following auditing techniques:

The process is the same applied for the certification of the other management systems.

  • Document review: 
    Before the audit (voluntary)
  • On-site audit:
    Certification Audit Stage 1 and stage 2 
    Surveillance audits every 12 months (2 SA audit in the certification cycle)
    Recertification Audit after three years

WHAT IS BEYOND THE SCOPE OF CERTIFICATION ACCORDING TO THE ISO 22301 STANDARD?

  • Applies to all management-system certifications: This certification does not constitute product certification. Certification thus does not provide any direct statements on the quality of a product or service of the certified customer.
  • Certification according to ISO 22301 does not mean that the company manufactures products or provides services of higher quality.
  • Certification according to ISO 22301 does not guarantee that an organisation is equipped to protect against, reduce the probability of occurrence, respond to and recover from disruptions- in each individual case, even though this is one of the key objectives of the management system.
  • A certification does not confirm that the technical and organizational measures taken by the company for managing business continuity are functioning without errors.

Next Steps

Site Selector