Overview

  • As a Business Continuity ISO 22301 consulting service provider, we advise our clients for ISO 22301 certification through a 6-phase implementation approach that includes understanding client business, their products and services, continuity objectives, business impact analysis, risk assessments, individual plans for restoration and recovery, testing, measurement and audit thereby leading to successful ISO 22301 certification.
  • With 20 years of business continuity practice, our methodology has been successfully implemented in business of all sizes and sectors, across the globe. Whether your business is 24-7, and cannot tolerate even a single minute of outage, or a startup in AI-ML-Data Science, SAAS, PAAS, IAAS provider, product developer or customer, or brick and mortar local or global business, we have implemented BCMS in fairly all industry sectors.
  • Restoration of business generally involves everyone in the organisation in one-way or the other. We consider our methodology as most comprehensive as we involve every client key stakeholders in our business continuity ISO 22301 implementation journey. We ensure ‘continuity by design’ principles as part of your business DNA.
  • Our consulting journey will leave you with a governance framework, which will ensure that each business process has the continuity plans and procedures to recover within an optimal period of time.
  • How fast can Coral get us ISO 22301 certified? We follow an agile philosophy where phases of the project can run in parallel, resulting in achieving ISO 22301 certification faster.
  • Contact us today to get started

Please share your Business Continuity requirements

Captcha
BCMS – ISO 22301 Consulting Engagement Phases
Here is a brief overview of al the phases involves in implementing Business Continuity Management System (BCMS) – ISO 22301 certification.

PHASE I - Understanding Business, and Products and Services

  • Every client is unique with its business model, products and services, customers and business objectives.
  • Identifying mission critical services that are revenue generating are the primary goal of this phase.
  • The BCMS-ISO 22301 implementation journey starts with this phase as it provides them to define prioritisation of what is truly critical.
  • This is where values like maximum tolerable period of disruption (MTPD), and recovery time objective (RTO) at the enterprise level are defined.

PHASE II - Business Impact Analysis and Risk Assessment

  • Based upon the outcome of the phase 1, a more detailed functional level Business impact analysis (BIA), and Risk Assessment (RA) is performed.
  • Business Impact Analysis results in determining how fast (or slow) a team needs to be recovered
  • Risk Assessment is the art and science of assessing current capacity, capability and readiness to achieve the objective within agreed MTPOD/RTO.
  • How comprehensive is the BIA and risk assessment? We perform a 4-phase outage scenario that applies to determine degree of recovery capability that results in providing a client an unparalleled perspective of their continuity readiness.
  • This is where business continuity risks are identified, which needs too be treated.

PHASE III - Continuity Planning and Documentation

  • Based on the outputs of the previous two phases and the mandatory requirements of ISO 22301, detail documentation is designed, discussed and deliberated with management and functional representatives.
  • Depending upon the organisation, the planning could cover both ‘known events’ and unknown ‘black swan’ events.
  • Every team in the scope undergoes documentation on business impact analysis, Maximum tolerable period of disruption (MTPD), RTO and RPO determination, business continuity risk assessment, individual plans related to four strategic outage scenarios, and testing methodology."

PHASE IV - BCP Testing

  • Business continuity plan is as good as it has been tested. With this approach in mind, we hand hold clients to perform testing of their documented plans to the optimum level.
  • This involves management, functional, operational and recovery and response teams.
  • Plans are evaluated against RTO to determine the success or failure of the test, and loopholes identified are addressed as part of the overall BCMS risk and governance program.

PHASE V - Internal Audit and Management Review

  • Internal audit start with preparation of ISO 22301 checklist and understanding the maturity of the BCMS developed so far.
  • Internal Audit involves verifying the effectiveness of the implemented business continuity plans, and the ownership, and awareness across the organisation. It also helps to assess the maturity of the organisational process as business dynamics change.
  • A formal report is published for management review.
  • We facilitate reviews with the management to ensure that the initial business continuity/ISO 22301 requirement objectives and goals are achieved.

PHASE VI - External Certification Support

Chosen external certification body audit performs ISO 22301 certification in two phases:

  • Stage 1 – Documentation Review, and
  • Stage 2 - Implementation Verification

With the two phases completed, the certification body issues an ISO 22301 certificate.
Finally, upon receiving their ISO 22301 certificates, the clients are officially ISO 22301 certified.

Questions?

Seek a one to one session with our Principal Consultant, who will answer your questions to get started.

We support you in all phases to help you achieve ISO 22301 certification. Upon successful completion an ISO 22301 certificate is issued which has a validity of 3 years subject to annual surveillance.

What are the ISO 22301: 2019 Certification Requirements?

Coverage
The standard is divided into 10 following clauses. For ISO 22301 certification only Clause 4 to 10 is applicable.
  • Clause 1 – Scope
  • Clause 2 – Normative References
  • Clause 3 – Terms and Definitions
  • Clause 4 – Context of the Organization
  • Clause 5 – Leadership
  • Clause 6 – Planning
  • Clause 7 – Support
  • Clause 8 – Operation
  • Clause 9 – Performance Monitoring
  • Clause 10 – Improvement
Training

We provide bespoke training, listed below are our offerings.

  • Shorter Sessions from 1 hour to 4 hours
  • Interpretation of the ISO 22301 requirements
  • 1 Day Awareness Session
  • 2 Days Internal Audit Course
  • 3 Days Implementation Course covering 10+ hands on exercises

Upon receiving your request, we will provide you further details.

Contact Us Now !
Documentation Toolkit

ISO 22301 requires documentation of policies, procedures and records. As a result of several consulting assignments, we have some of the best content available that covers all the requirements.

Our documentation has the following salient features:

  • Alignment with all ISO 22301 -documentation requirements
  • Our experiences turned into documentation templates
  • Project Tracking tools to support the implementation
  • Q & A support

Upon receiving your request, we will provide you further details.

Contact Us Now !
Internal Audit

An independent assessment helps to assess the state of compliance. Our internal audit methodology includes people, process, technology and measurements to assure and provide management the degree of business continuity assurance and ISO 22301 compliance. Typically 3-5 days are required to perform a comprehensive internal audit.

Upon receiving your request, we will provide you further details.

Contact Us Now !
Business Impact Analysis and Risk Assessment

Business Impact Analysis results in the identification of mission-critical services and activities, determining their outage tolerance, and determine their priority in restoration.Risk Assessment is the analysis of strengths or weaknesses of ‘continuity capability’ to restore services based on technology, site, suppliers, and personnel. We have one of the most comprehensive risk assessment approaches that include ‘continuity capability, 'individual ISO 22301 requirements', and 'individual BC plans’. Let us know if you are interested.Upon receiving your request, we will provide you further details.

Contact Us Now !
Program Management

Our consulting methodology experience has helped us to understand – what it takes to design and maintain a successful ISO 22301 compliance. The outsourcing model removes the compliance responsibility to an external team, whereas the management focuses on customer/business delivery.

Upon receiving your request, we will provide you further details.

Contact Us Now !
Exercises

Business continuity plans are as good as they are tested. We can help you design and test range of tests that includes (but not limited)

  • Crisis Communication
  • Cyber Attack Simulation
  • IT restoration and recovery in sequence

Upon receiving your request, we will provide you further details.

Contact Us Now !
Call or write to us at :
for proposal / roadmap / information
Contact Us Now !
Consulting Services
Why Coral?
Contact Us
Quick Contact
Captcha

© 2023 www.coralesecure.com. All rights reserved | Privacy Policy

Webdesign by: India Internets