Overview

  • As a Business Continuity ISO 22301 consulting service provider, we advise our clients for ISO 22301 certification through a 6-phase implementation approach that includes understanding client business, their products and services, continuity objectives, business impact analysis, risk assessments, individual plans for restoration and recovery, testing, measurement and audit thereby leading to successful ISO 22301 certification.
  • With 20 years of business continuity practice, our methodology has been successfully implemented in business of all sizes and sectors, across the globe. Whether your business is 24-7, and cannot tolerate even a single minute of outage, or a startup in AI-ML-Data Science, SAAS, PAAS, IAAS provider, product developer or customer, or brick and mortar local or global business, we have implemented BCMS in fairly all industry sectors.
  • Restoration of business generally involves everyone in the organisation in one-way or the other. We consider our methodology as most comprehensive as we involve every client key stakeholders in our business continuity ISO 22301 implementation journey. We ensure ‘continuity by design’ principles as part of your business DNA.
  • Our consulting journey will leave you with a governance framework, which will ensure that each business process has the continuity plans and procedures to recover within an optimal period of time.
  • How fast can Coral get us ISO 22301 certified? We follow an agile philosophy where phases of the project can run in parallel, resulting in achieving ISO 22301 certification faster.
  • Contact us today to get started

Please share your Business Continuity requirements

BCMS – ISO 22301 Consulting Engagement Phases
Here is a brief overview of al the phases involves in implementing Business Continuity Management System (BCMS) – ISO 22301 certification.

Phase I - Understanding Business, and Products and Services

  • Every client is unique with its business model, products and services, customers and business objectives.
  • Identifying mission critical services that are revenue generating are the primary goal of this phase.
  • The BCMS-ISO 22301 implementation journey starts with this phase as it provides them to define prioritisation of what is truly critical.
  • This is where values like maximum tolerable period of disruption (MTPD), and recovery time objective (RTO) at the enterprise level are defined.

Phase II - Business Impact Analysis and Risk Assessment

  • Based upon the outcome of the phase 1, a more detailed functional level Business impact analysis (BIA), and Risk Assessment (RA) is performed.
  • Business Impact Analysis results in determining how fast (or slow) a team needs to be recovered
  • Risk Assessment is the art and science of assessing current capacity, capability and readiness to achieve the objective within agreed MTPOD/RTO.
  • How comprehensive is the BIA and risk assessment? We perform a 4-phase outage scenario that applies to determine degree of recovery capability that results in providing a client an unparalleled perspective of their continuity readiness.
  • This is where business continuity risks are identified, which needs too be treated.

Phase III - Continuity Planning and Documentation

  • Based on the outputs of the previous two phases and the mandatory requirements of ISO 22301, detail documentation is designed, discussed and deliberated with management and functional representatives.
  • Depending upon the organisation, the planning could cover both ‘known events’ and unknown ‘black swan’ events.
  • Every team in the scope undergoes documentation on business impact analysis, Maximum tolerable period of disruption (MTPD), RTO and RPO determination, business continuity risk assessment, individual plans related to four strategic outage scenarios, and testing methodology."

Phase IV - BCP Testing

  • Business continuity plan is as good as it has been tested. With this approach in mind, we hand hold clients to perform testing of their documented plans to the optimum level.
  • This involves management, functional, operational and recovery and response teams.
  • Plans are evaluated against RTO to determine the success or failure of the test, and loopholes identified are addressed as part of the overall BCMS risk and governance program.

Phase V - Internal Audit and Management Review

  • Internal audit start with preparation of ISO 22301 checklist and understanding the maturity of the BCMS developed so far.
  • Internal Audit involves verifying the effectiveness of the implemented business continuity plans, and the ownership, and awareness across the organisation. It also helps to assess the maturity of the organisational process as business dynamics change.
  • A formal report is published for management review.
  • We facilitate reviews with the management to ensure that the initial business continuity/ISO 22301 requirement objectives and goals are achieved.

Phase VI - External Certification Support

Chosen external certification body audit performs ISO 22301 certification in two phases:

  • Stage 1 – Documentation Review, and
  • Stage 2 - Implementation Verification

With the two phases completed, the certification body issues an ISO 22301 certificate.
Finally, upon receiving their ISO 22301 certificates, the clients are officially ISO 22301 certified.

Questions?

Seek a one to one session with our Principal Consultant, who will answer your questions to get started.

We support you in all phases to help you achieve ISO 22301 certification. Upon successful completion an ISO 22301 certificate is issued which has a validity of 3 years subject to annual surveillance.

What are the ISO 22301: 2019 Certification Requirements?

Coverage
The standard is divided into 10 following clauses. For ISO 22301 certification only Clause 4 to 10 is applicable.
  • Clause 1 – Scope
  • Clause 2 – Normative References
  • Clause 3 – Terms and Definitions
  • Clause 4 – Context of the Organization
  • Clause 5 – Leadership
  • Clause 6 – Planning
  • Clause 7 – Support
  • Clause 8 – Operation
  • Clause 9 – Performance Monitoring
  • Clause 10 – Improvement
Call or write to us at :
for proposal / roadmap / information
Would You Like To Speak To Our Business Continuity ISO 22301 Consultant?
Contact Us Now !