iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty!
CEN

prEN ISO 22361

(Main)

Security and resilience - Crisis management - Guidelines for a strategic capability (ISO/DIS 22361:2021)

Security and resilience - Crisis management - Guidelines for a strategic capability (ISO/DIS 22361:2021)

This document provides guidance on good practice for crisis management to help the strategic decision makers of an organization to plan, implement, establish, operate, monitor, review, maintain and continually improve a crisis management capability. It is intended for any organization regardless of location, size, type, industry, structure, or sector.
This document provides guidance for:
—   understanding the context and challenges of crisis management;
—   developing an organization’s crisis management capability through preparedness (see 5.5);
—   recognizing the complexities facing a crisis team in action;
—   communicating successfully during a crisis; and
—   reviewing and learning.
It is intended for management with strategic responsibilities for the delivery of a crisis management capability. It is for those who operate under the direction and within policy of top management in:
—   implementing the crisis plans and structures; and
—   maintaining and assuring the procedures associated with the capability.
It is not intended for emergency and incident response - these require the application of operational procedures whereas crisis management relies on an adaptive, agile, and flexible strategic response).  It does not cover interoperability or command and control or business continuity management systems. While it is important to be aware of human and cultural factors as they can cause stress when working as individuals and as part of groups, it is not the purpose of this document to examine aspects of these areas in detail.

Sicherheit und Resilienz - Krisenmanagement - Leitlinien für die Entwicklung einer Strategie (ISO/DIS 22361:2021)

Sécurité et résilience - Gestion de crise - Lignes directrices pour une capacité stratégique (ISO/DIS 22361:2021)

Varnost in vzdržljivost - Krizno vodenje - Navodilo za strateško zmogljivost (ISO/DIS 22361:2021)

General Information

Status
Not Published
ICS
03.100.01 - Company organization and management in general
Technical Committee
CEN/TC 391 - Societal and Citizen Security
Drafting Committee
CEN/TC 391/WG 3 - Crisis management/civil protection
Current Stage
Ref Project
oSIST prEN ISO 22361:2022 - Security and resilience - Crisis management - Guidelines for a strategic capability (ISO/DIS 22361:2021)

RELATIONS

Revised
CEN/TS 17091:2018 - Crisis management - Guidance for developing a strategic capability
Effective Date
09-Jun-2021

Buy Standard

prEN ISO 22361:2022 - BARVE na PDF-str 16,28prEN ISO 22361:2022 - BARVE na PDF-str 16,28
PreviousNext
Draft
prEN ISO 22361:2022 - BARVE na PDF-str 16,28
English language
43 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (sample)

SLOVENSKI STANDARD
oSIST prEN ISO 22361:2022
01-januar-2022
Varnost in vzdržljivost - Krizno vodenje - Navodilo za strateško zmogljivost
(ISO/DIS 22361:2021)

Security and resilience - Crisis management - Guidelines for a strategic capability

(ISO/DIS 22361:2021)

Sicherheit und Resilienz - Krisenmanagement - Leitlinien für die Entwicklung einer

Strategie (ISO/DIS 22361:2021)
Sécurité et résilience - Gestion de crise - Lignes directrices pour une capacité
stratégique (ISO/DIS 22361:2021)
Ta slovenski standard je istoveten z: prEN ISO 22361
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
oSIST prEN ISO 22361:2022 en,fr,de

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN ISO 22361:2022
---------------------- Page: 2 ----------------------
oSIST prEN ISO 22361:2022
DRAFT INTERNATIONAL STANDARD
ISO/DIS 22361
ISO/TC 292 Secretariat: SIS
Voting begins on: Voting terminates on:
2021-11-01 2022-01-24
Security and resilience — Crisis management — Guidelines
for a strategic capability
ICS: 03.100.01
THIS DOCUMENT IS A DRAFT CIRCULATED
This document is circulated as received from the committee secretariat.
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
ISO/CEN PARALLEL PROCESSING
BEING ACCEPTABLE FOR INDUSTRIAL,
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 22361:2021(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION. ISO 2021
---------------------- Page: 3 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Crisis management: Context, core concepts and principles .................................................................................... 3

4.1 The nature of crises ............................................................................................................................................................................ 3

4.2 Characteristics of a crisis .............................................................................................................................................................. 4

4.3 Potential origins of crises .............................................................................................................................................................. 6

4.4 Readiness to respond and recover ......................................................................................................................................... 7

4.5 Principles for crisis management ........................................................................................................................................... 7

5 Building a crisis management capability .................................................................................................................................... 9

5.1 General ........................................................................................................................................................................................................... 9

5.2 Crisis Management Framework ............................................................................................................................................... 9

5.2.1 Leadership ............................................................................................................................................................................. 9

5.2.2 Structure ..............................................................................................................................................................................10

5.2.3 Culture ...................................................................................................................................................................................11

5.2.4 Competence .......................................................................................................................................................................11

5.3 Crisis Management Process ......................................................................................................................................................11

5.3.1 Anticipation .......................................................................................................................................................................11

5.3.2 Assessment ........................................................................................................................................................................12

5.3.3 Prevention and Mitigation ....................................................................................................................................12

5.3.4 Preparedness ...................................................................................................................................................................12

5.3.5 Response .............................................................................................................................................................................16

5.3.6 Recovery ...............................................................................................................................................................................19

5.3.7 Continual improvement ..........................................................................................................................................20

6 Crisis leadership ................................................................................................................................................................................................20

6.1 Core leadership skills and attributes ................................................................................................................................20

6.1.1 Role and responsibility of the crisis leader(s) ....................................................................................21

6.2 Wellbeing and sustainable crisis response ..................................................................................................................22

6.2.1 Crisis management responders .......................................................................................................................22

6.2.2 Wider interested party impact .........................................................................................................................22

7 Strategic crisis decision-making .......................................................................................................................................................23

7.1 General ........................................................................................................................................................................................................23

7.2 Why decision-making can be challenging ....................................................................................................................24

7.3 Dilemmas, decision delay, decision avoidance .........................................................................................................24

7.4 Decision-making issues ................................................................................................................................................................25

7.5 Effective crisis decision-making ............................................................................................................................................25

8 Crisis communications ................................................................................................................................................................................26

8.1 Introduction ...........................................................................................................................................................................................26

8.2 Pre-crisis preparation ....................................................................................................................................................................26

8.3 Managing relationships and reputation .........................................................................................................................27

8.4 Key roles ....................................................................................................................................................................................................27

8.4.1 Communication team ................................................................................................................................................27

8.4.2 Spokespeople ...................................................................................................................................................................28

8.4.3 Media relations .............................................................................................................................................................28

8.5 Crisis communications strategy ............................................................................................................................................28

8.6 Key principles and activities of crisis communications ....................................................................................29

8.7 Consistency of message ................................................................................................................................................................29

8.8 Barriers to effective communication.................................................................................................................................30

8.9 Social media: the opportunities and threats .............................................................................................................30

© ISO 2021 – All rights reserved iii
---------------------- Page: 5 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

9 Training, validation and learning from crises ....................................................................................................................31

9.1 General ........................................................................................................................................................................................................31

9.2 Developing competence ...............................................................................................................................................................31

9.3 Training ......................................................................................................................................................................................................32

9.4 Exercising .................................................................................................................................................................................................33

9.5 Validation ..................................................................................................................................................................................................34

9.6 Evaluating and Learning ..............................................................................................................................................................34

Bibliography .............................................................................................................................................................................................................................36

iv © ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.

This document was prepared by Technical Committee ISO/TC 292 Security and resilience.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2021 – All rights reserved v
---------------------- Page: 7 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)
Introduction

This standard is to aid in the design and ongoing development of an organization’s crisis management

capability. It sets out principles and practices needed by all organizations.

Crises present organizations with complex challenges and, possibly, opportunities that can have

profound and far-reaching consequences. An organization’s crisis management capability and its ability

to manage a changing environment are key factors in determining whether a situation or incident has

the potential to pose a serious or existential threat to the organization and its environment. The crisis

affecting an organization can be part of a broader crisis.
Note please refer to definition of crisis

To ensure the crisis management capability has the desired outcome, the organization should provide

— committed leadership

— structures (e.g., funding, communications, relationships and linkages, equipment, facilities,

information management, principles, processes and procedures
— supportive culture (e.g., values, ethics, code of conducts, etc.)
— competent personnel (e.g., knowledge, skills and attitude, flexible thinking)

An organization’s crisis management capability will be influenced by its relationship with other

interdependent areas such as risk management, business continuity, information security, physical

security, safety, civil protection, incident response, and emergency management.

The organization should adopt a structured approach to crisis management by applying a set of

principles on which a crisis management framework can be developed. This should include elements of

organizational culture, leadership, competencies and structure that supports the implementation of a

crisis management capability in a purposeful, consistent and rigorous manner. (see Figure 1)

vi © ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

Figure 1 — Building a crisis management capability: Principles, framework and process

The structure of the document is as follows: the core concepts of Crisis Management are described

(section 4), then the framework and process for building a Crisis Management capability are outlined in

section 5. The following sections provide more detail on: Crisis Leadership (section 6), Strategic crisis

decision-making (section 7), Crisis communications (section 8) and Training, Validation and learning

from crises (section 9).
© ISO 2021 – All rights reserved vii
---------------------- Page: 9 ----------------------
oSIST prEN ISO 22361:2022
---------------------- Page: 10 ----------------------
oSIST prEN ISO 22361:2022
DRAFT INTERNATIONAL STANDARD ISO/DIS 22361:2021(E)
Security and resilience — Crisis management — Guidelines
for a strategic capability
1 Scope

This international standard provides guidelines for crisis management to help organizations plan,

establish, maintain, review and continually improve a strategic crisis management capability. These

guidelines can help any organization to identify and manage a crisis. Elements for consideration

include:
— context, core concepts, principles, and challenges (clause 4)
— developing an organization’s crisis management capability (clause 5)
— crisis leadership (clause 6)
— the challenges and complexities facing a crisis team in action (clause 7)
— crisis communication (clause 8)
— training, validation and learning from crises (clause 9)

It is intended for top management with strategic responsibilities for the delivery of a crisis management

capability in any organization. It is also meant to be used by those who operate under the direction of

top management. All those with responsibilities should:
— implement the crisis management plan and structures
— maintain and assure the procedures associated with the capability

This document acknowledges the relationship and interdependencies with various disciplines but is

distinct from these topics.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 22300, Security and resilience — Vocabulary
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 22300 and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online Browsing Platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
© ISO 2021 – All rights reserved 1
---------------------- Page: 11 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)
3.1
capability

ability to accomplish an undertaking with a defined intended outcome and within specified conditions

Note 1 to entry: Note to entry: An organizational capability depends on the available resources and organizational

principles, framework (leadership, structure, culture, competences) and processes

3.2
crisis

abnormal or extraordinary event or situation that threatens an organization or community and

requires a strategic, adaptive, and timely response in order to preserve its viability and integrity

Note 1 to entry: The event or situation might include a high degree of complexity, instability, and uncertainty.

Note 2 to entry: The event or situation might exceed the response capacity or capability of the organization

Note 3 to entry: Given the nature of a crisis a flexible and dynamic approach is needed in addition to any rehearsed

plans and procedures.

Note 4 to entry: Threats can impact upon the organization’s ability to function, its reputation, brand, physical,

political, intellectual property, organizational structure, human, environment and economic factors

Note 5 to entry: the term “organization" also includes governmental and non-governmental agencies and national

authorities in the public sector, as well as NGO’s and charities
3.3
crisis management

coordinated activities to lead, direct and control an organization with regard to crisis

3.4
crisis management team (CMT)

group of individuals functionally responsible for leading the organization’s crisis management

response
3.5
crisis management plan (CMP)

document specifying which procedures and associated resources are to be applied by whom and where

in a crisis
3.6
incident

event or situation that can be, or could lead to, a disruption, loss, emergency, or crisis(ISO 22300

modified by inclusion of “event or”)
3.7
interested party (preferred term)
stakeholder (admitted term)

person or organization that can affect, be affected by, or perceive themselves to be affected by a decision

or activity
3.8
governance of organizations

human-based system by which an organization (3.13) is directed, overseen and held accountable for

achieving its defined purpose
3.9
situation report

summary, either verbal or written, outlining the current state and potential development of an incident

or crisis and the response to it
2 © ISO 2021 – All rights reserved
---------------------- Page: 12 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)
3.10
situational awareness

perception of the elements in the environment within a volume of time and space, the comprehension of

their meaning and a projection of their status in the near future
3.11
top management

person or group of people who directs and controls an organization at the highest level

3.12
issue

event or situation that does not currently present, but could develop into, a long-term or significant

negative impact on the strategic objectives, reputation or viability of the organization.

Note 1 to entry: Effectively responding to emerging issues can result in the successful aversion of a crisis

3.13
organization

person or group of people that has its own functions with responsibilities, authorities and relationships

to achieve its objectives

Note 1 to entry: The concept of organization includes, but is not limited to sole-trader, company, corporation, firm,

enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated

or not, public or private.
3.14
crisis communication

communications both internal and external to provide information, updates and instructions to

internal and external stakeholders.

Note 1 to entry: Note to entry: adequate crisis communication may also protect the organization’s reputation and

brand and maintain its public image
4 Crisis management: Context, core concepts and principles
4.1 The nature of crises

Crises can be associated with highly complex issues, the full implications and nature of which might

be unclear at the time. Possible decisions and actions can have severe negative consequences, and

decision-makers at all levels might have to choose the least detrimental solution (see 7.4) and resolve

(or recognize and accept) fundamental strategic dilemmas. This might mean that every choice comes

with a penalty of some kind and there is no ideal solution.

Premature or ill-considered decisions on actions or processes to manage a crisis may have potential to

cause significant consequences and cause additional harm or exacerbate the crisis situation and should

be avoided. If the range of available options being considered can reduce the impact of a crisis yet have

adverse consequences upon other organizational objectives, it may be necessary to choose the option

that has the potential to create the least amount of loss or disruption to the organization

Crises often involve threats to people or assets, such as property, information, and reputation.

A crisis may require an organization to review its objectives, opportunities, strategies, policies,

practices or procedures or culture as part of continual improvement. An organization faced with public

or media scrutiny as a consequence of a crisis, should demonstrate confidence in its plan to review and

amend its practices as necessary and to accept responsibility for decision making by management

A well-managed crisis can demonstrate the positive qualities of an organization and enhance its

reputation
© ISO 2021 – All rights reserved 3
---------------------- Page: 13 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)
4.2 Characteristics of a crisis

A crisis can be complex and challenging and it can also provide opportunities for an organization to

clearly demonstrate core values, effective controls, governance, and crisis response, review and

learning.

Although many crises appear to be unique there are often consistent characteristics. Understanding

these characteristics enables the improvement of the crisis management capability by comprehending

the difference in the application of these characteristics.

Often, a crisis is precipitated by an incident. There are some common characteristics that are found

in both an incident and a crisis. Table 1 highlights some of the differences and Figure 2 shows the

relationship between an incident and a crisis.
Table 1 — Key distinctions between incidents and crises
Characteristics Incidents Crises
Predictability Incidents are generally fore- Crises are typically unique, rare,
seeable, although their specific events or situations. Some crises can
timing, type and impact are be anticipated; however, timing and
variable. impact usually are not always foresee-
able.
Onset Incidents can be no-notice or Crises can also occur from a no-notice
short-notice disruptive events, or short-notice event. They can also
or they can emerge through emerge from an incident that has not
a gradual failure or loss of been contained, has been managed
control. badly or further escalates to have rep-
utational consequences, and requiring
a crisis-level response.

Urgency and pressure In managing an incident, there A crisis always needs urgent attention

is usually a high sense of urgen- as the impact can be very high. Given
cy to act to either prevent the the potential impact and the fact that a
situation from getting worse or crisis has more visibility it is common
to minimize its impact. that it places a high level of pressure
on the organization.
Impacts Incidents are events which, Crises can disrupt or affect the entire
although they can take consid- organization, transcending organi-
erable resources to manage, zational, geographical and sectoral
never threaten the existence boundaries. As crises tend to be
of the organization or have a complex and inherently uncertain,
major long-term impact on its the long-term impacts can be difficult
reputation. The impacts are to assess. A badly handled crisis can
usually local or affect only a lead to a catastrophic loss of func-
part of the organization. tionality, values, trust and reputation.
These negative impacts can have a
Incidents are generally man-
lasting detrimental effect on the or-
ageable, and although the im-
ganization. Crisis can lead to the con-
pact on interested parties can
clusion that the legal situation must be
be severe, it is manageable and
adjusted during the crisis.
temporary. An incident can
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
EN ISO 22313:2020(Main)
Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 (ISO 22313:2020)
SIST EN ISO 22313:2020

This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice.
This document is applicable to organizations that:
a)   implement, maintain and improve a BCMS;
b)   seek to ensure conformity with stated business continuity policy;
c)   need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;
d)   seek to enhance their resilience through the effective application of the BCMS.
The guidance and recommendations are applicable to all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors. The approach adopted depends on the organization's operating environment and complexity.

  • Standard
    70 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22301:2019(Main)
Security and resilience - Business continuity management systems - Requirements (ISO 22301:2019)
SIST EN ISO 22301:2020

This document specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.
The requirements specified in this document are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.
This document is applicable to all types and sizes of organizations that:
a)   implement, maintain and improve a BCMS;
b)   seek to ensure conformity with stated business continuity policy;
c)   need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;
d)   seek to enhance their resilience through the effective application of the BCMS.
This document can be used to assess an organization's ability to meet its own business continuity needs and obligations.

  • Standard
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 17091:2018(Main)
Crisis management - Guidance for developing a strategic capability
SIST-TS CEN/TS 17091:2018

This document provides guidance on good practice for crisis management to help the strategic decision makers of an organization to plan, implement, establish, operate, monitor, review, maintain and continually improve a crisis management capability. It is intended for any organization regardless of location, size, type, industry, structure, or sector. While it is important to be aware of human and cultural factors as they can cause stress when working as individuals and as part of groups, it is not the purpose of this document to examine aspects of these areas in detail.
This document provides guidance for:
- understanding the context and challenges of crisis management;
- developing an organization’s crisis management capability through preparedness (see 5.5);
- recognizing the complexities facing a crisis team in action;
- communicating successfully during a crisis; and
- reviewing and learning.
NOTE 1 For further information on organizational resilience, see ISO 22316.
This technical specification is intended for management with strategic responsibilities for the delivery of a crisis management capability. It is for those who operate under the direction and within policy of top management in:
- implementing the crisis plans and structures; and
- maintaining and assuring the procedures associated with the capability.
It is not intended for emergency and incident response - these require the application of operational procedures whereas crisis management relies on an adaptive, agile, and flexible strategic response (see 4.3).
It does not cover interoperability or command and control or business continuity management systems.
NOTE 2 For more information on interoperability and command and control, see ISO 22320. For more information on business continuity management systems, please see EN ISO 22301.

  • Technical specification
    34 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22397:2018(Main)
Societal security - Guidelines for establishing partnering arrangements (ISO 22397:2014)
SIST EN ISO 22397:2018

ISO 22397:2014 provides guidelines for establishing partnering arrangements among organizations to manage multiple relationships for events impacting on societal security. It incorporates principles and describes the process for planning, developing, implementing and reviewing partnering arrangements.
ISO 22397:2014 is applicable to all organizations regardless of type, size and nature of activity whether in or between the private, public, or not-for-profit sectors.

  • Standard
    21 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22315:2018(Main)
Societal security - Mass evacuation - Guidelines for planning (ISO 22315:2014)
SIST EN ISO 22315:2018

ISO 22315:2014 provides guidelines for mass evacuation planning in terms of establishing, implementing, monitoring, evaluating, reviewing, and improving preparedness. It establishes a framework for each activity in mass evacuation planning for all identified hazards. It will help organizations to develop plans that are evidence-based and that can be evaluated for effectiveness.
ISO 22315:2014 is intended for use by organizations with responsibility for, or involvement in, part or all of the planning for mass evacuation. It is applicable to all types and sizes of organizations that are involved in the planning for mass evacuation, such as local, regional, and national governments; statutory bodies; international and non-governmental organizations; businesses; and public and social groups.
ISO 22315:2014 covers planning for mass evacuation in order to gain a more effective response during the actual evacuation. It will assist organizations to meet their obligation of saving human life and reducing suffering.
ISO 22315:2014 does not cover activities to stabilize the affected area after an evacuation, protect property, and preserve the environment.

  • Standard
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22311:2014(Main)
Societal security - Video-surveillance - Export interoperability (ISO 22311:2012)
SIST EN ISO 22311:2015

ISO 22311:2012 is mainly for societal security purposes and specifies a common output file format that can be extracted from the video-surveillance contents collection systems (stand alone machines or large scale systems) by an exchangeable data storage media or through a network to allow end-users to access digital video-surveillance contents and perform their necessary processing.

  • Standard
    37 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22300:2021(Main)
Security and resilience - Vocabulary (ISO 22300:2021)
SIST EN ISO 22300:2021

This document defines terms used in security and resilience standards.

  • Standard
    61 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
prEN ISO 22319(Main)
Security and resilience - Community resilience - Guidelines for planning the involvement of spontaneous volunteers (ISO 22319:2017)
oSIST prEN ISO 22319:2021

ISO 22319:2017 provides guidelines for planning the involvement of spontaneous volunteers (SVs) in incident response and recovery. It is intended to help organizations to establish a plan to consider whether, how and when SVs can provide relief to a coordinated response and recovery for all identified hazards. It helps identify issues to ensure the plan is risk-based and can be shown to prioritize the safety of SVs, the public they seek to assist and incident response staff.
ISO 22319:2017 is intended for use by organizations with responsibility for, or involvement in, part or all of the planning for working with SVs. It is applicable to all types and sizes of organizations that are involved in the planning for, and management of, SVs (e.g. local, regional, and national governments, statutory bodies, international and non-governmental organizations, businesses and public and community groups).
The range of tasks performed by SVs can require only basic planning (e.g. for people who are first on the scene), or a plan that is more complex (e.g. for people who travel to the affected area to volunteer).
Coordinating the participation of volunteers who are affiliated to voluntary or professional organizations to provide relief is not within the scope of this document.

  • Draft
    21 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22313:2020(Main)
Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 (ISO 22313:2020)
SIST EN ISO 22313:2020

This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice.
This document is applicable to organizations that:
a)   implement, maintain and improve a BCMS;
b)   seek to ensure conformity with stated business continuity policy;
c)   need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;
d)   seek to enhance their resilience through the effective application of the BCMS.
The guidance and recommendations are applicable to all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors. The approach adopted depends on the organization's operating environment and complexity.

  • Standard
    70 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22301:2019(Main)
Security and resilience - Business continuity management systems - Requirements (ISO 22301:2019)
SIST EN ISO 22301:2020

This document specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.
The requirements specified in this document are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.
This document is applicable to all types and sizes of organizations that:
a)   implement, maintain and improve a BCMS;
b)   seek to ensure conformity with stated business continuity policy;
c)   need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;
d)   seek to enhance their resilience through the effective application of the BCMS.
This document can be used to assess an organization's ability to meet its own business continuity needs and obligations.

  • Standard
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day