EN ISO 22313:2020
(Main)Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 (ISO 22313:2020)
Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 (ISO 22313:2020)
This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice.
This document is applicable to organizations that:
a) implement, maintain and improve a BCMS;
b) seek to ensure conformity with stated business continuity policy;
c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;
d) seek to enhance their resilience through the effective application of the BCMS.
The guidance and recommendations are applicable to all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors. The approach adopted depends on the organization's operating environment and complexity.
Sicherheit und Resilienz - Business Continuity Management Systems - Anleitung zur Verwendung von ISO 22301 (ISO 22313:2020)
Dieses Dokument gibt Leitlinien und Empfehlungen zur Anwendung der Anforderungen des Business Continuity Management Systems (BCMS), die in ISO 22301 vorgegeben sind. Die Leitlinien und Empfehlungen beruhen auf anerkannter internationaler Praxis.
Dieses Dokument ist auf Organisationen anwendbar, die:
a) ein BCMS umsetzen, aufrechterhalten und verbessern;
b) eine Übereinstimmung mit der erklärten Politik zur Aufrechterhaltung der Betriebsfähigkeit sicherstellen wollen;
c) die Fähigkeit benötigen, die Belieferung mit Produkten und Dienstleistungen mit einer akzeptablen, zuvor festgelegten Kapazität während einer Betriebsstörung fortzusetzen;
d) versuchen, ihre Resilienz durch die effektive Anwendung des BCMS zu verbessern.
Die Leitlinien und Empfehlungen sind anwendbar für alle Organisationsgrößen und -typen, einschließlich großer, mittlerer und kleiner Unternehmen, die im industriellen, kommerziellen, öffentlichen und gemeinnützigen Bereich tätig sind. Die angewendete Vorgehensweise ist von der betrieblichen Umgebung und der Komplexität der jeweiligen Organisation abhängig.
Sécurité et résilience - Systèmes de management de la continuité d'activité - Lignes directrices sur l'utilisation de l'ISO 22301 (ISO 22313:2020)
Le présent document donne des lignes directrices et recommandations relatives à l'application des exigences pour le système de management de la continuité d'activité (SMCA) de l'ISO 22301. Ces lignes directrices et recommandations sont basées sur la bonne pratique internationale.
Le présent document s'applique aux organismes qui:
a) mettent en œuvre, maintiennent et améliorent un SMCA;
b) cherchent à assurer la conformité à la politique de continuité d'activité déclarée;
c) ont besoin d'être aptes à poursuivre la livraison de produits et la fourniture de services à un niveau de capacité acceptable et préalablement défini durant une perturbation;
d) cherchent à améliorer leur résilience à travers l'application efficace du SMCA.
Les lignes directrices et recommandations s'appliquent à toute taille et tout type d'organismes, qu'ils soient grands, moyens ou petits et qu'ils fonctionnent dans les secteurs industriels, commerciaux, publics ou à but non lucratif. L'approche adoptée dépend de l'environnement et de la complexité de fonctionnement de l'organisme.
Varnost in vzdržljivost - Sistem vodenja neprekinjenosti poslovanja - Navodilo za uporabo standarda ISO 22301 (ISO 22313:2020)
General Information
Relations
Standards Content (Sample)
SLOVENSKI STANDARD
01-maj-2020
Nadomešča:
SIST EN ISO 22313:2015
Varnost in vzdržljivost - Sistem vodenja neprekinjenosti poslovanja - Navodilo za
uporabo standarda ISO 22301 (ISO 22313:2020)
Security and resilience - Business continuity management systems - Guidance on the
use of ISO 22301 (ISO 22313:2020)
Sicherheit und Resilienz - Business Continuity Management Systems - Anleitung zur
Verwendung von ISO 22301 (ISO 22313:2020)
Sécurité et résilience - Systèmes de management de la continuité d'activité - Lignes
directrices sur l'utilisation de l'ISO 22301 (ISO 22313:2020)
Ta slovenski standard je istoveten z: EN ISO 22313:2020
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
03.100.70 Sistemi vodenja Management systems
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
EN ISO 22313
EUROPEAN STANDARD
NORME EUROPÉENNE
February 2020
EUROPÄISCHE NORM
ICS 03.100.01; 03.100.70 Supersedes EN ISO 22313:2014
English Version
Security and resilience - Business continuity management
systems - Guidance on the use of ISO 22301 (ISO
22313:2020)
Sécurité et résilience - Systèmes de management de la Sicherheit und Resilienz - Business Continuity
continuité d'activité - Lignes directrices sur l'utilisation Management Systems - Anleitung zur Verwendung von
de l'ISO 22301 (ISO 22313:2020) ISO 22301 (ISO 22313:2020)
This European Standard was approved by CEN on 18 February 2020.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2020 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN ISO 22313:2020 E
worldwide for CEN national Members.
Contents Page
European foreword . 3
European foreword
This document (EN ISO 22313:2020) has been prepared by Technical Committee ISO/TC 292 "Security
and resilience" in collaboration with Technical Committee CEN/TC 391 “Societal and Citizen Security”
the secretariat of which is held by AFNOR.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by August 2020, and conflicting national standards shall
be withdrawn at the latest by August 2020.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
This document supersedes EN ISO 22313:2014.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the
United Kingdom.
Endorsement notice
The text of ISO 22313:2020 has been approved by CEN as EN ISO 22313:2020 without any modification.
INTERNATIONAL ISO
STANDARD 22313
Second edition
2020-02
Security and resilience — Business
continuity management systems —
Guidance on the use of ISO 22301
Sécurité et résilience — Systèmes de management de la continuité
d'activité — Lignes directrices sur l'utilisation de l'ISO 22301
Reference number
ISO 22313:2020(E)
©
ISO 2020
ISO 22313:2020(E)
© ISO 2020
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2020 – All rights reserved
ISO 22313:2020(E)
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Context of the organization . 2
4.1 Understanding the organization and its context . 2
4.2 Understanding the needs and expectations of interested parties . 3
4.2.1 General. 3
4.2.2 Legal and regulatory requirements . 3
4.3 Determining the scope of the business continuity management system . 4
4.3.1 General. 4
4.3.2 Scope of the business continuity management system . 4
4.3.3 Exclusions to scope . 4
4.4 Business continuity management system . 5
5 Leadership . 5
5.1 Leadership and commitment . 5
5.1.1 General. 5
5.1.2 Top management . 5
5.1.3 Other managerial roles . 6
5.2 Policy . 6
5.2.1 Establishing the business continuity policy . 6
5.2.2 Communicating the business continuity policy . 7
5.3 Roles, responsibilities and authorities . 7
6 Planning . 9
6.1 Actions to address risks and opportunities . 9
6.1.1 Determining risks and opportunities . 9
6.1.2 Addressing risks and opportunities . 9
6.2 Business continuity objectives and planning to achieve them .10
6.2.1 Establishing business continuity objectives .10
6.2.2 Determining business continuity objectives.10
6.3 Planning changes to the business continuity management system .10
7 Support .11
7.1 Resources .11
7.1.1 General.11
7.1.2 BCMS resources .11
7.2 Competence .11
7.3 Awareness .13
7.4 Communication .14
7.5 Documented information .15
7.5.1 General.15
7.5.2 Creating and updating .16
7.5.3 Control of documented information .16
8 Operation .17
8.1 Operational planning and control .17
8.1.1 General.17
8.1.2 Business continuity management .18
8.1.3 Maintaining business continuity .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.