Thinking of hiring an ISO 22301 consultant?
Profile of an ISO 22301 consultant
ISO 22301 – the standard on business continuity management system lays down a formal set of people, process and technology processes to counteract any business disruption. The benefit of this implementation is an assurance that business will continue in case of ‘any’ disaster or disruption.
The role of the ISO 22301 consultant is therefore very crucial and has to demonstrate several skills.
A combination of expertise goes into making one and delivering a formal ISO 22301 consulting assignment.
The ISO 22301 consultant has to have the following basic skills (not exhaustive):
- Ability to understand the business in terms of ‘organisation in motion’.
- Ability to understand business risks faced by them on a day to day basis
- Ability to identify continuity risks
- Ability to divide the organisation into logical groups to identify candidates for business continuity in a scale up manner
- Ability to perform a gap analysis on ISO 22301 requirements
- Ability to perform using a structured methodology business impact analysis (BIA).
- Ability to identify mission critical activities using a structured approach
- Ability to present management with multiple options of recovery
- Ability to seek management approval by presenting a risk based calculation
- Ability to define and document policy, procedures and specific measurements for each identified iso 22301 processes.
- Ability to envisage and define plans considering events and outages. Event can be fire. And an outage is site outage.
- Ability to measure the maturity of ISO 22301 processes on a predefined scale, provide justification of the identified process
- Ability to advise and define multiple test scenarios as applicable to the organization
- Ability to conduct trainings
- Ability to ensure the cross functional impact as a result of a newly implemented policy
Selection of an iso 22301 consultant therefore has to be done ensuring adequate experience in all of the above.