ISO 22336:2024
(Main)Security and resilience — Organizational resilience — Guidelines for resilience policy and strategy
Security and resilience — Organizational resilience — Guidelines for resilience policy and strategy
This document provides guidelines on the design and development of an organizational resilience policy and strategy. It includes: — how to design and formulate a resilience policy; — how to design strategy to achieve the objectives of a resilience policy; — how to determine priorities for implementation of the organization’s resilience initiatives; — how to establish a cooperative and coordinated capability to enhance resilience. This document is applicable to organizations seeking to enhance resilience. It is not specific to any industry or sector. It can be applied throughout the life of an organization to enhance resilience. This document does not provide guidance on the development of an organizational resilience capability.
Sécurité et résilience — Résilience organisationnelle — Lignes directrices pour une politique et une stratégie de résilience
General Information
Standards Content (Sample)
International
Standard
ISO 22336
First edition
Security and resilience —
2024-10
Organizational resilience —
Guidelines for resilience policy and
strategy
Sécurité et résilience — Résilience organisationnelle — Lignes
directrices pour une politique et une stratégie de résilience
Reference number
© ISO 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Principles . 1
4.1 General .1
4.2 Policy formulation .2
4.3 Strategy design . .2
4.4 Strategy implementation .3
5 Organizational context . . 3
6 Attributes of policies and strategies for resilience . 3
6.1 General .3
6.2 P olicy formulation .3
6.2.1 General .3
6.2.2 Shared vision and clarity of purpose .4
6.2.3 Understanding and influencing context .4
6.2.4 Culture supportive of organizational resilience .4
6.3 Strategy design . .4
6.3.1 General .4
6.3.2 Anticipates, absorbs, and manages change .4
6.3.3 Shared information and knowledge.4
6.3.4 Continual improvement and evaluation .4
6.4 Strategy implementation .4
6.4.1 General .4
6.4.2 Availability of resources .4
6.4.3 Effective and empowered leadership .5
6.4.4 Coordination and alignment of systems.5
7 Enabling behaviours . 5
7.1 General .5
7.2 Adaptable . . .5
7.3 Inclusive .5
7.4 Integrated .6
7.5 Reflective .6
7.6 Prepared .6
7.7 Robust . .7
7.8 Innovative .7
8 Framework for resilience policy and strategy . 8
8.1 General .8
8.2 L eadership and commitment .8
8.2.1 General .8
8.2.2 Commitment to enhancing resilience .9
8.3 Policy formulation .9
8.4 Strategy design .10
8.5 Strategy implementation .10
8.6 Evaluation .10
8.6.1 General .10
8.6.2 Key performance indicators .11
9 Process . .11
9.1 General .11
9.2 Understanding the context of the resilience policy and strategy . 12
iii
9.2.1 General . 12
9.2.2 Determining the internal context . 12
9.2.3 Determining the external context . 13
9.2.4 Horizon scanning . 13
9.3 Communication .14
9.4 Policy formulation .14
9.5 Strategy design . 15
9.5.1 General . 15
9.5.2 Designing strategy to achieve resilience policy objectives . 15
9.5.3 Ensuring alignment with organizational goals . 15
9.5.4 Establishing resilience objectives . 15
9.5.5 Prioritizing objectives .16
9.6 Strategy implementation .16
9.6.1 General .16
9.6.2 Developing a strategic implementation plan.16
9.6.3 Allocating resources .17
9.6.4 Roles and responsibilities .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.