Business Continuity Management System -
ISO 22301 Consulting Overview

An organisation achieving ISO 22301 certification implies it has recovery and restoration capability for each outage scenario, be it technology, site, vendor, people/skill or any other dependency. We have a 7 phase approach that starts with understanding your business and continuity objectives. This is followed by Business Impact Analysis (BIA), and Risk Assessment (RA) to determine your minimum business continuity objectives.

Each of our ISO 22301 consulting assignments involves the transfer of knowledge, skills, documented plans, and testing of each of those plans. We create two-layer plans that include restoration of minimum as well as full restoration.

We have implemented ISO 22301 for large Telecoms covering multiple locations, Financial Institutions, and Insurance Companies. Each of them is successfully ISO 22301 certified.

What makes us unique is our involvement in the engagement that ensures your business is capable of successful recovery. Our methodologies of understanding a business, business impact analysis, risk assessment, continuity strategies (focus on outage rather than events), individual restoration plans, Disaster Recovery Plans, rigorous testing, and zero-defect ISO 22301 certification - each of these features contribute to a better return of your business continuity investment.

What are the ISO 22301: 2019 Certification Requirements?
The standard is divided into 10 following clauses. For ISO 22301 certification only Clause 4 to 10 is applicable.
  • Clause 1 – Scope
  • Clause 2 – Normative References
  • Clause 3 – Terms and Definitions
  • Clause 4 – Context of the Organization
  • Clause 5 – Leadership
  • Clause 6 – Planning
  • Clause 7 – Support
  • Clause 8 – Operation
  • Clause 9 – Performance Monitoring
  • Clause 10 – Improvement
Our ISO 22301 Consulting Methodology has the following broad phases
We bring our world-class experience in delivery BCMS ISO 22301 implementation leading to successful certification.


Understanding the business objectives, and business continuity objectives.


Businees Impact Analysis (BIA) and risk assessment.


Management Strategy for recovery


Documenting and communicating individual plans


Testing each of the individual plans


Internal Audit.


This has two stages
1 - Documentation Audit
2 - Implementation Verification

We support you in all phases to help you achieve ISO 22301 certification. Upon successful completion an ISO 22301 certificate is issued which has a validity of 3 years subject to annual surveillance.

We provide bespoke training, listed below are our offerings.

  • Shorter Sessions from 1 hour to 4 hours
  • Interpretation of the ISO 22301 requirements
  • 1 Day Awareness Session
  • 2 Days Internal Audit Course
  • 3 Days Implementation Course covering 10+ hands on exercises

Upon receiving your request, we will provide you further details.

Documentation Toolkit

ISO 22301 requires documentation of policies, procedures and records. As a result of several consulting assignments, we have some of the best content available that covers all the requirements.

Our documentation has the following salient features:

  • Alignment with all ISO 22301 -documentation requirements
  • Our experiences turned into documentation templates
  • Project Tracking tools to support the implementation
  • Q & A support

Upon receiving your request, we will provide you further details.

Internal Audit

An independent assessment helps to assess the state of compliance. Our internal audit methodology includes people, process, technology and measurements to assure and provide management the degree of business continuity assurance and ISO 22301 compliance. Typically 3-5 days are required to perform a comprehensive internal audit.

Upon receiving your request, we will provide you further details.

Business Impact Analysis and Risk Assessment

Business Impact Analysis results in the identification of mission-critical services and activities, determining their outage tolerance, and determine their priority in restoration.Risk Assessment is the analysis of strengths or weaknesses of ‘continuity capability’ to restore services based on technology, site, suppliers, and personnel. We have one of the most comprehensive risk assessment approaches that include ‘continuity capability, 'individual ISO 22301 requirements', and 'individual BC plans’. Let us know if you are interested.Upon receiving your request, we will provide you further details.

Program Management

Our consulting methodology experience has helped us to understand – what it takes to design and maintain a successful ISO 22301 compliance. The outsourcing model removes the compliance responsibility to an external team, whereas the management focuses on customer/business delivery.

Upon receiving your request, we will provide you further details.


Business continuity plans are as good as they are tested. We can help you design and test range of tests that includes (but not limited)

  • Crisis Communication
  • Cyber Attack Simulation
  • IT restoration and recovery in sequence

Upon receiving your request, we will provide you further details.

Call or write to us at :
for proposal / roadmap / information