iso 22301: societal security - business continuity management system

N7_C47_06_2010:N7_C47_06_2010 30/06/10 13:22 Page1

Bureau Veritas Certification Services

ISO 22301: SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEM Keep Your Business Running No Matter What Happens. BUSINESS CHALLENGE Every day our global economy is growing more complex and interdependent. Incidents that occur within your own business or ecosystem can slow down or even halt your activity, directly impacting your customers and bottom line. This holds true for the ICT (Information and Communication Technologies) services, healthcare, government and finance sectors, as well as manufacturing. Anticipating rupture and having a contingency plan in place is essential in order to maintain your business activity no matter what happens.

SOLUTION What is ISO 22301 certification? ISO 22301 standard provides all the requirements for a Business Continuity Management System. This is a methodology and practice that maintains your business despite adverse conditions, minimizing the impact of potential incidents for your customer base, stakeholders and business ecosystem. It is an efficient way of maintaining security, ensuring corporate governance and compliance, protecting your image and reputation, as well as creating a climate of confidence with employees, suppliers, outsourcers, stakeholders and customers. What are the key benefits? Improve performance in case of property or revenue loss Secure cash flow and legal liability Protect employee safety and moral, corporate brand and image

WHY CHOOSE BUREAU VERITAS?

N°7-C47-06/2010

BS 25999-2

BUREAU VERITAS Certification

Network - 5,700 skilled auditors operating in more than 100 countries offer a unique combination of international and local expertise providing consistent services wherever our clients are. Expertise - Our auditors have extensive knowledge of specific industry sectors, local regulations, markets and language that enables them to provide solutions adapted to your needs. Recognition - Bureau Veritas Certification is recognized by more than 40 national and international accreditation bodies across the world. Mark of global recognition - The Bureau Veritas Certification mark is a globally recognized symbol of your organization’s ongoing commitment to excellence, sustainability and reliability.

RELATED SERVICES Beyond ISO 22301, Bureau Veritas Certification provides a large range of services related to risk and supply chain management: Vericert®: risk based audit approach Supplier and network audit Internal audit Supply chain security: ISO 28000 Integrated Certification Bureau Veritas Certification offers the possibility of integrated and/or combined certification with other schemes such as ISO 9001, ISO 14001, OHSAS 18001, ISO 27000 (information security)… SQAS, TDGA, ISO/TS 16949, IRIS, AS/EN 9100… This delivers greater audit efficiency, consistency and optimization.

N7_C47_06_2010:N7_C47_06_2010 30/06/10 13:22 Page2

OUR CERTIFICATION PROCESS Certification

e ag St

Stage 2

it ud 1a

aud

it

CA*

CA*

Pre-audit (optional)

BUREAU VERITAS

Certification audit

Definition of certification scope

Key steps in our certification process are: Definition of certification scope Pre-audit (optional): gap analysis and diagnosis of your current position against standard Certification audit performed in 2 stages: - Stage 1 – readiness review performed to verify that the organization is ready for certification - Stage 2 – evaluation of implementation, including the effectiveness, of the management system of the organization (policy, business impact analysis, risk assessment, BC strategy, incident and management pans, legislation, regulation) A certificate valid for 3 years is issued upon satisfactory results of stage 2 audit Surveillance audits to verify that the management system continues to fulfill the requirements of the standard and monitor the continual improvement Re-certification after 3 years to confirm the continued conformance and effectiveness of the management system as a whole

Certificate issued

BCMS** • Planning • Implementing and Operating • Monitoring and reviewing • Maintaining and improving

Surveillance audits

** BCMS: Business Continuity Management System * CA: Corrective Action (if necessary)

FAQ

Credits: Bureau Veritas - A/S Dansk Shell

Is the Business Continuity Management System certification stand-alone, or does it integrate with other certifications? ISO 22301 was designed to be compatible with ISO 9001, ISO 14001 and ISO 27001. ISO 22301 is based on a plan-do-check-act management system modelled after the proven ISO 9001 framework. Whereas ISO 9001 helps you smoothly run “business as usual”, Business Continuity Management System helps you to quickly get back on track after disruptions. How do you define the scope of Business Continuity Management System? ISO 22301 recommends that businesses define their Business Continuity Management System scope and set objectives with regard to their specific requirements for business continuity; organizational objectives and obligations; acceptable level of risk, statutory, regulatory and contractual duties; and interests of their key stakeholders. In addition to providing Business Continuity Management System certification services, does Bureau Veritas Certification provide this type of training? Yes. This is especially beneficial to companies executing internal Business Continuity Management System audits or to help prepare for a certification. Building internal competencies in Business Continuity Management will speed and smooth the adoption of good practices, ultimately leading to a quicker certification.

CONTACT

FOR MORE INFORMATION

For details about this service, please contact

please visit: www.bureauveritas.co.in

Bureau Veritas Certification India Pvt. Ltd. By phone: +91-22-6695 6300 By e-mail: [email protected]