iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
CEN

EN ISO 22313:2014

(Main)

Societal security - Business continuity management systems - Guidance (ISO 22313:2012)

Societal security - Business continuity management systems - Guidance (ISO 22313:2012)

ISO 22313:2012 for business continuity management systems provides guidance based on good international practice for planning, establishing, implementing, operating, monitoring, reviewing, maintaining and continually improving a documented management system that enables organizations to prepare for, respond to and recover from disruptive incidents when they arise.
It is not the intent of ISO 22313:2012 to imply uniformity in the structure of a BCMS but for an organization to design a BCMS that is appropriate to its needs and that meets the requirements of its interested parties. These needs are shaped by legal, regulatory, organizational and industry requirements, the products and services, the processes employed, the environment in which it operates, the size and structure of the organization and the requirements of its interested parties.
ISO 22313 is generic and applicable to all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors that wish to:
establish, implement, maintain and improve a BCMS;
ensure conformance with the organization's business continuity policy; or
make a self-determination and self-declaration of compliance with this International Standard.

Sicherheit und Schutz des Gemeinwesens - Business Continuity Management Systems - Leitlinie (ISO 22313:2012)

Diese Internationale Norm für Business Continuity Management Systeme enthält Leitlinien, die auf international anerkannten Praktiken zur Planung, Einführung, Umsetzung, Betrieb, Überwachung, Überprüfung, Aufrechterhaltung und ständigen Verbesserung eines dokumentierten Managementsystems beruhen, die Organisationen ermöglichen, sich auf Zwischenfälle mit Betriebsunterbrechung vorzubereiten, auf sie zu reagieren und sich nach ihrem Eintreten von ihnen zu erholen.
Diese Internationale Norm beabsichtigt keine Einheitlichkeit im Aufbau eines BCMS, setzt jedoch bei einer Organisation voraus, dass diese ein BCMS gestaltet, das, ihren Bedürfnissen entspricht und die Anforde-rungen ihrer Interessengruppen erfüllt. Diese Bedürfnisse werden durch rechtliche, behördliche, organisatorische und branchenspezifische Anforderungen, durch die Produkte und Dienstleistungen, die eingesetzten Prozesse, die Betriebsumgebung, die Größe und Struktur der Organisation und die Anforderungen der Interessengruppen geprägt.
Diese Internationale Norm ist generisch und gilt für alle Organisationsgrößen und -typen, einschließlich großer, mittlerer und kleiner Unternehmen, die im industriellen, kommerziellen, öffentlichen und gemeinnützigen Bereich tätig sind und
a)   ein BCMS einführen, umsetzen, aufrechterhalten und verbessern möchten,
b)   die Übereinstimmung mit den Leitlinien einer Organisation im Hinblick auf die Aufrechterhaltung der Betriebsfähigkeit sicherstellen möchten oder
c)   eine Eigenfeststellung oder eine Selbsterklärung der Übereinstimmung mit dieser Inter¬nationalen Norm erstellen möchten.
Diese Internationale Norm kann nicht dazu angewendet werden, die Befähigung einer Organisation zur Erfüllung der eigenen Kontinuitätsbedürfnisse oder der Erfüllung von Kunden-, gesetz¬lichen oder behördlichen Bedürfnissen zu bewerten. Organisationen, die dies wünschen, können die Anforderungen von ISO 22301 anwenden, um anderen die Übereinstimmung nachzuweisen oder um die Zertifizierung ihres BCMS durch eine akkreditierte dritte Seite Zertifizierungsstelle zu ersuchen.

Sécurité sociétale - Systèmes de management de la continuité d'activité - Lignes directrices (ISO 22313:2012)

L'ISO 22313:2012 relative aux systèmes de management de la continuité d'activité fournit des lignes directrices basées sur une bonne pratique internationale pour la planification, l'établissement, la mise en ?uvre, l'exploitation, la surveillance, le réexamen, la mise à jour et l'amélioration constante d'un système de management documenté permettant aux organisations de se préparer aux incidents perturbateurs, d'y répondre et de reprendre leurs activités lorsqu'ils surviennent.
L'ISO 22313:2012 ne prétend pas uniformiser la structure d'un SMCA, mais permettre à une organisation de définir un SMCA qui convienne à ses besoins et qui réponde aux exigences des parties concernées. Ces besoins sont conditionnés par les exigences légales, réglementaires, organisationnelles et industrielles, par les produits et les services, les processus employés, l'environnement dans lequel l'organisation fonctionne, la taille et la structure de cette dernière et les exigences des parties concernées.
L'ISO 22313:2012 est générique et s'applique à toute taille et tout type d'organisations, qu'elles soient grandes, moyennes ou petites et qu'elles interviennent dans les secteurs industriels, commerciaux, publics et à but non lucratif, dans la mesure où elles souhaitent:
a) établir, mettre en ?uvre, maintenir et améliorer un SMCA;
b) assurer la conformité avec la politique de continuité d'activité de l'organisation;
c) procéder à une autodétermination et effectuer une auto-déclaration de conformité avec la présente Norme internationale.

Družbena varnost - Sistem vodenja neprekinjenosti poslovanja - Navodilo (ISO 22313:2012)

Ta mednarodni standard za sisteme vodenja neprekinjenosti poslovanja zagotavlja navodila na podlagi dobre mednarodne prakse za načrtovanje, ustanavljanje, izvajanje, upravljanje, nadzorovanje, pregledovanje, vzdrževanje in nenehno izboljševanje dokumentiranega sistema vodenja, ki organizacijam omogoča, da se pripravijo in odzovejo na prekinitve poslovanja, kadar pride do njih, ter si opomorejo po njih.  Namen tega mednarodnega standarda ni, da bi zahteval enotno strukturo sistema vodenja neprekinjenosti poslovanja (BCMS), ampak omogočiti, da organizacija oblikuje svoj sistem vodenja neprekinjenosti poslovanja, ki ustreza njenim potrebam in izpolnjuje zahteve njenih zainteresiranih strani. Te potrebe oblikujejo pravne, regulativne, organizacijske in industrijske zahteve, proizvodi ter storitve, uporabljeni procesi, okolje, v katerem deluje, velikost in struktura organizacije ter zahteve njenih zainteresiranih strani.  Ta mednarodni standard je generičen in se uporablja za vse velikosti in vrste organizacij, tudi za velike, srednje velike in majhne organizacije, ki delujejo v industrijskem, gospodarskem, javnem in nepridobitnem sektorju, ki želijo: a) ustanoviti, izvajati, vzdrževati in izboljšati sistem vodenja neprekinjenosti poslovanja; b) zagotoviti skladnost s politiko neprekinjenosti poslovanja organizacije ali c) sprejeti lastno odločitev in izdati lastno izjavo o skladnosti s tem mednarodnim standardom. Tega mednarodnega standarda ni mogoče uporabljati za oceno sposobnosti organizacije za izpolnjevanje svojih potreb glede neprekinjenosti poslovanja ali strankinih, pravnih ali regulativnih potreb. Organizacije, ki to želijo narediti, lahko uporabijo zahteve iz standarda ISO 22301, da dokažejo skladnost z drugimi ali pridobijo potrdilo za svoj sistem vodenja neprekinjenosti poslovanja pri akreditiranem certifikacijskem organu tretje strani.

General Information

Status
Withdrawn
Publication Date
04-Nov-2014
Withdrawal Date
25-Feb-2020
ICS
03.100.01 - Company organization and management in general
Technical Committee
CEN/TC 391 - Societal and Citizen Security
Drafting Committee
CEN/TC 391 - Societal and Citizen Security
Current Stage
9960 - Withdrawal effective - Withdrawal
Completion Date
26-Feb-2020
Ref Project
SIST EN ISO 22313:2015 - Societal security - Business continuity management systems - Guidance (ISO 22313:2012)

Relations

Replaced By
EN ISO 22313:2020 - Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 (ISO 22313:2020)
Effective Date
04-Mar-2020

Buy Standard

EN ISO 22313:2015EN ISO 22313:2015
PreviousNext
Standard
EN ISO 22313:2015
English language
58 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-februar-2015
Družbena varnost - Sistem vodenja neprekinjenosti poslovanja - Navodilo (ISO
22313:2012)
Societal security - Business continuity management systems - Guidance (ISO
22313:2012)
Sicherheit und Schutz des Gemeinwesens - Aufrechterhaltung der Betriebsfähigkeit -
Leitlinie (ISO 22313:2012)
Sécurité sociétale - Systèmes de management de la continuité d'activité - Lignes
directrices (ISO 22313:2012)
Ta slovenski standard je istoveten z: EN ISO 22313:2014
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD
EN ISO 22313
NORME EUROPÉENNE
EUROPÄISCHE NORM
November 2014
ICS 03.100.01
English Version
Societal security - Business continuity management systems -
Guidance (ISO 22313:2012)
Sécurité sociétale - Systèmes de management de la Sicherheit und Schutz des Gemeinwesens -
continuité d'activité - Lignes directrices (ISO 22313:2012) Aufrechterhaltung der Betriebsfähigkeit - Leitlinie (ISO
22313:2012)
This European Standard was approved by CEN on 18 October 2014.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European
Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national
standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same
status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2014 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN ISO 22313:2014 E
worldwide for CEN national Members.

Contents Page
Foreword .3
Foreword
The text of ISO 22313:2012 has been prepared by Technical Committee ISO/TC 223 “Societal security” of the
International Organization for Standardization (ISO) and has been taken over as EN ISO 22313:2014 by
Technical Committee CEN/TC 391 “Societal and Citizen Security” the secretariat of which is held by NEN.
This European Standard shall be given the status of a national standard, either by publication of an identical
text or by endorsement, at the latest by May 2015, and conflicting national standards shall be withdrawn at the
latest by May 2015.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech
Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece,
Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal,
Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.
Endorsement notice
The text of ISO 22313:2012 has been approved by CEN as EN ISO 22313:2014 without any modification.
INTERNATIONAL ISO
STANDARD 22313
First edition
2012-12-15
Societal security — Business continuity
management systems — Guidance
Sécurité sociétale — Systèmes de management de la continuité
d’activité — Lignes directrices
Reference number
ISO 22313:2012(E)
©
ISO 2012
ISO 22313:2012(E)
© ISO 2012
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any
means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the
address below or ISO’s member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2012 – All rights reserved

ISO 22313:2012(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Context of the organization . 1
4.1 Understanding of the organization and its context . 1
4.2 Understanding the needs and expectations of interested parties . 2
4.3 Determining the scope of the management system . 4
4.4 Business continuity management system . 4
5 Leadership . 4
5.1 Leadership and commitment . 4
5.2 Management commitment . 5
5.3 Policy . 5
5.4 Organizational roles, responsibilities and authorities. 6
6 Planning . 7
6.1 Actions to address risks and opportunities . 7
6.2 Business continuity objectives and plans to achieve them . 7
7 Support . 7
7.1 Resources . 7
7.2 Competence . 8
7.3 Awareness .10
7.4 Communication .11
7.5 Documented information .12
8 Operation .14
8.1 Operational planning and control .14
8.2 Business impact analysis and risk assessment .17
8.3 Business continuity strategy .21
8.4 Establish and implement business continuity procedures .28
8.5 Exercising and testing .38
9 Performance evaluation .40
9.1 Monitoring, measurement, analysis and evaluation .40
9.2 Internal audit .42
9.3 Management review .43
10 Improvement .44
10.1 Nonconformity and corrective action .44
10.2 Continual improvement .45
Bibliography .46
ISO 22313:2012(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International
Standards adopted by the technical committees are circulated to the member bodies for voting.
Publication as an International Standard requires approval by at least 75 % of the member bodies
casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 22313 was prepared by Technical Committee ISO/TC 223, Societal security.
For the purposes of research, users are encouraged to share their views on ISO 22313:2012
and their priorities for changes to future editions of the document. Click on the link below to
take part in the online survey:
http://www.surveymonkey.com/s/22313
iv © ISO 2012 – All rights reserved

--------------
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
EN ISO 22361:2022(Main)
Security and resilience - Crisis management - Guidelines (ISO 22361:2022)
SIST EN ISO 22361:2023

This document provides guidance on crisis management to help organizations plan, establish, maintain, review and continually improve a strategic crisis management capability. This guidance can help any organization to identify and manage a crisis. Elements for consideration include:
—    context, core concepts, principles and challenges (see Clause 4);
—    developing an organization’s crisis management capability (see Clause 5);
—    crisis leadership (see Clause 6);
—    the decision-making challenges and complexities facing a crisis team in action (see Clause 7);
—    crisis communication (see Clause 8);
—    training, validation and learning from crises (see Clause 9).
It is applicable to top management with strategic responsibilities for the delivery of a crisis management capability in any organization. It can also be used by those who operate under the direction of top management.
This document acknowledges the relationship and interdependencies with various disciplines but is distinct from these topics.

  • Standard
    46 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22300:2021(Main)
Security and resilience - Vocabulary (ISO 22300:2021)
SIST EN ISO 22300:2021

This document defines terms used in security and resilience standards.

  • Standard
    61 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22313:2020(Main)
Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 (ISO 22313:2020)
SIST EN ISO 22313:2020

This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice.
This document is applicable to organizations that:
a)   implement, maintain and improve a BCMS;
b)   seek to ensure conformity with stated business continuity policy;
c)   need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;
d)   seek to enhance their resilience through the effective application of the BCMS.
The guidance and recommendations are applicable to all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors. The approach adopted depends on the organization's operating environment and complexity.

  • Standard
    70 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22301:2019(Main)
Security and resilience - Business continuity management systems - Requirements (ISO 22301:2019)
SIST EN ISO 22301:2020

This document specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.
The requirements specified in this document are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.
This document is applicable to all types and sizes of organizations that:
a)   implement, maintain and improve a BCMS;
b)   seek to ensure conformity with stated business continuity policy;
c)   need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;
d)   seek to enhance their resilience through the effective application of the BCMS.
This document can be used to assess an organization's ability to meet its own business continuity needs and obligations.

  • Standard
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22315:2018(Main)
Societal security - Mass evacuation - Guidelines for planning (ISO 22315:2014)
SIST EN ISO 22315:2018

ISO 22315:2014 provides guidelines for mass evacuation planning in terms of establishing, implementing, monitoring, evaluating, reviewing, and improving preparedness. It establishes a framework for each activity in mass evacuation planning for all identified hazards. It will help organizations to develop plans that are evidence-based and that can be evaluated for effectiveness.
ISO 22315:2014 is intended for use by organizations with responsibility for, or involvement in, part or all of the planning for mass evacuation. It is applicable to all types and sizes of organizations that are involved in the planning for mass evacuation, such as local, regional, and national governments; statutory bodies; international and non-governmental organizations; businesses; and public and social groups.
ISO 22315:2014 covers planning for mass evacuation in order to gain a more effective response during the actual evacuation. It will assist organizations to meet their obligation of saving human life and reducing suffering.
ISO 22315:2014 does not cover activities to stabilize the affected area after an evacuation, protect property, and preserve the environment.

  • Standard
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22397:2018(Main)
Societal security - Guidelines for establishing partnering arrangements (ISO 22397:2014)
SIST EN ISO 22397:2018

ISO 22397:2014 provides guidelines for establishing partnering arrangements among organizations to manage multiple relationships for events impacting on societal security. It incorporates principles and describes the process for planning, developing, implementing and reviewing partnering arrangements.
ISO 22397:2014 is applicable to all organizations regardless of type, size and nature of activity whether in or between the private, public, or not-for-profit sectors.

  • Standard
    21 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    21 pages
    German language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22311:2014(Main)
Societal security - Video-surveillance - Export interoperability (ISO 22311:2012)
SIST EN ISO 22311:2015

ISO 22311:2012 is mainly for societal security purposes and specifies a common output file format that can be extracted from the video-surveillance contents collection systems (stand alone machines or large scale systems) by an exchangeable data storage media or through a network to allow end-users to access digital video-surveillance contents and perform their necessary processing.

  • Standard
    37 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22301:2019/prA1(Amendment)
Security and resilience - Business continuity management systems - Requirements - Amendment 1: Climate action changes (ISO 22301:2019/Amd 1:2024)
SIST EN ISO 22301:2020/oprA1:2024
  • Draft
    4 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
prEN ISO 22360(Main)
Security and resilience - Crisis management - Concept, principles and framework (ISO/DTS 22360:2023)
oSIST prEN ISO 22360:2024

Crises conditions may manifest themselves throughout all elements of global society and significantly
impact upon the goals and objectives of nations, regional and urban areas, communities, organizations
(both public sector and private enterprise) and individual people.
Crises may arise from failures to effectively manage security of assets, information, reputations or
sovereign risks to governments or organizations or to provide safety and protection of members of
society from personal injury, loss or harm.
The development of a Crisis Management Framework under which all related standards for crisis
management can be developed within the proposed WG9 provides a logical and consistent approach
within this new branch of study for TC 292.

  • Draft
    34 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
prEN ISO 22319(Main)
Security and resilience - Community resilience - Guidelines for planning the involvement of spontaneous volunteers (ISO 22319:2017)
oSIST prEN ISO 22319:2021

ISO 22319:2017 provides guidelines for planning the involvement of spontaneous volunteers (SVs) in incident response and recovery. It is intended to help organizations to establish a plan to consider whether, how and when SVs can provide relief to a coordinated response and recovery for all identified hazards. It helps identify issues to ensure the plan is risk-based and can be shown to prioritize the safety of SVs, the public they seek to assist and incident response staff.
ISO 22319:2017 is intended for use by organizations with responsibility for, or involvement in, part or all of the planning for working with SVs. It is applicable to all types and sizes of organizations that are involved in the planning for, and management of, SVs (e.g. local, regional, and national governments, statutory bodies, international and non-governmental organizations, businesses and public and community groups).
The range of tasks performed by SVs can require only basic planning (e.g. for people who are first on the scene), or a plan that is more complex (e.g. for people who travel to the affected area to volunteer).
Coordinating the participation of volunteers who are affiliated to voluntary or professional organizations to provide relief is not within the scope of this document.

  • Draft
    21 pages
    English language
    sale 10% off
    e-Library read for
    1 day