Business Continuity Management System (BCMS)
A Business Continuity Management System (BCMS) is a set of policies, processes and procedures that are required to plan for and react to an event that threatens your businesses ability to operate normally and achieve its intended outcomes.
The standard is based on seven quality management principles that senior management in your business need to focus on and address. They are:
All recently updated versions of ISO standards have a common structure of 10 sections enabling any business, working to an ISO standard anywhere in the world, to show evidence of:
1-3 – The Scope of your BCMS including normative references, terms & definitions
4 – Understanding the context of your organisation including recognising the needs and expectations of interested parties
5 – Leadership and worker participation
6 – Planning of business activities including addressing risks and opportunities and setting objectives that are S.M.A.R.T. (specific, measureable, achievable, realistic and time-based) that have relevance at all levels of the business meaning each employee understands how their job supports meeting the Business Continuity Planning Objectives
7 – Providing support to enable those activities
8 – Operating your business to achieve the BCMS
9 – Evaluating performance through feedback, internal auditing and management review
10 – Improvement!
Businesses should adopt a “Plan, Do, Check, Act” process approach that can be explained as:
Plan – Your management manual, procedures, work instructions etc.
Do – The actual work you do
Check – How do you monitor, measure, obtain feedback and assess objectives?
Act – Management review activities assess performance and act to improve
This “PDCA” cycle leads to continual improvement and can be summarised as follows:
Working and being certified to the ISO 22301 BCMS standard will help you to:
Following the massive impacts of COVID-19 in 2020 and 2021, holding ISO 22301 is also more and more likely to become a minimum requirement for a service provider to Central and Local Government, FM organisations and large business.
You may be starting from scratch or you may have an existing (possibly already integrated) Management System. Your first consideration should be a “Gap-Analysis” where you acquire a copy of the standard, study every section and detail and identify areas where there is work to be done to comply with the standards requirements. You then create an action plan involving a logical sequence of activities including setting timescales for completion, responsibilities within your organisation and identifying resources needed – summarised as “What, When, Who and How”.
You would normally then run with the BCMS for a period and carry out a full internal audit to check everything is in place and the system is working effectively within your business.
Once you feel you are ready for assessment you can call QSS in to conduct your initial assessment audit. We will spend, depending on the complexity of your business, at least the best part of one day auditing the BCMS against the standard and your documented procedures. This may or may not reveal nonconformities that will have to be addressed and corrected (as applicable) before you are deemed as compliant. Once you are deemed as being compliant QSS will issue a certificate providing third-party independent confirmation that you meet the requirements of ISO 22301. After initial certification, QSS would re-audit you annually to confirm you continue to meet the requirements of the standard.
For a more detailed summary of the contents and requirements of ISO 22301, you may find this website helpful: https://www.praxiom.com/#iso22301
As mentioned above you need to first purchase a copy of the standard and then budget costs for implementing and running the BCMS prior to initial assessment. You may wish to do this yourselves or you may engage an appropriately qualified and experienced independent consultant who can quote to assist you through the preparation process.
QSS can then, on request, complete your initial assessment and set up an annual surveillance cycle.
Please contact us for costs.
© Quality Service Standards Ltd. Registered in England & Wales, Company No. 03804633. Registered Address: Tangent House, 62 Exchange Road, Watford, Herts WD18 0TG.