Implementation of ISO 22301
Business Continuity Management System
All for One provides an organization with comprehensive support in the implementation of the Business Continuity Management System compliant with the ISO 22301 standard.
The implementation of the Business Continuity Management System (BCMS) allows the introduction of comprehensive security and protection of organizational processes against interruptions in operations that may have a critical impact on achieving business goals.
Why ISO 22301?
The global standard for business continuity is ISO 22301. The standard indicates the requirements for business impact analysis, determining critical processes and resources, and building necessary business continuity plans.
The ISO 22301 standard covers all issues related to ensuring the achievement and protection of the organization’s strategic goals in responding to the materialization of risks that may lead to significant disruptions to the organization’s key processes.
Its purpose is to verify and strengthen or build security measures, taking into account the sources of danger which may be people, business processes, natural disasters and technologies.
This standard is a part of the procedures related to building Information Security Management Systems, which enable an efficient response to security incidents in terms of confidentiality, integrity and authenticity of information assets processed by the organization.
All for One Poland support
The implementation of the Business Continuity Management System compliant with ISO 22301 includes the following tasks performed by All for One Poland experts:
- conducting a zero audit
- carrying out an analysis of the company and identifying the processes and areas to be covered by the system (including business impact analysis)
- identifying threats and vulnerabilities
- assisting in carrying out a risk assessment
- assistance in developing or verifying existing system documents, including assistance in integrating the ISO 22301 system with other functioning management systems (in particular ISO / IEC 27001)
- training for employees regarding the requirements of ISO 22301
- training for managers in the field of corrective and preventive actions, and the supervision of documentation and records
- training for internal auditors
- internal audit
- development or verification of documentation required by legal provisions within the scope of the Polish Act on the national cybersecurity system (NIS/KSC)