iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/TS 22330:2018

(Main)

Security and resilience — Business continuity management systems — Guidelines for people aspects of business continuity

Security and resilience — Business continuity management systems — Guidelines for people aspects of business continuity

This document gives guidelines for the planning and development of policies, strategies and procedures for the preparation and management of people affected by an incident. This includes: — preparation through awareness, analysis of needs, and learning and development; — coping with the immediate effects of the incident (respond); — managing people during the period of disruption (recover); — continuing to support the workforce after returning to business as usual (restore). The management of people relating to civil emergencies or other societal disruption is out of the scope of this document.

Sécurité et résilience — Systèmes de gestion de la poursuite des activités — Lignes directrices concernant les aspects humains de la poursuite des activités

General Information

Status
Published
Publication Date
30-May-2018
ICS
03.100.01 - Company organization and management in general
03.100.70 - Management systems
Technical Committee
ISO/TC 292 - Security and resilience
Drafting Committee
ISO/TC 292/WG 2 - Continuity and organizational resilience
Current Stage
9093 - International Standard confirmed
Ref Project

Buy Standard

ISO/TS 22330:2018 - Security and resilience -- Business continuity management systems -- Guidelines for people aspects of business continuityISO/TS 22330:2018 - Security and resilience -- Business continuity management systems -- Guidelines for people aspects of business continuity
PreviousNext
Technical specification
ISO/TS 22330:2018 - Security and resilience -- Business continuity management systems -- Guidelines for people aspects of business continuity
English language
38 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


TECHNICAL ISO/TS
SPECIFICATION 22330
First edition
2018-06
Security and resilience — Business
continuity management systems
— Guidelines for people aspects of
business continuity
Sécurité et résilience — Systèmes de gestion de la poursuite des
activités — Lignes directrices concernant les aspects humains de la
poursuite des activités
Reference number
©
ISO 2018
© ISO 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2018 – All rights reserved

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 People aspects overview . 2
4.1 General . 2
4.2 The need for a people aspects approach . 3
4.3 Structure . 4
5 Precursors . 4
5.1 General . 4
5.2 Duty of care . 5
5.3 Attributes of the organization . 6
5.4 Team and individual competencies . 7
6 Preparing to respond . 7
6.1 General . 7
6.2 Business impact analysis . 7
6.3 Managing people risks in business continuity. 8
6.4 Including people aspects in business continuity management . 8
6.5 Knowledge, skills and abilities . 8
6.5.1 General. 8
6.5.2 Education . 8
6.5.3 Learning and development . 9
6.5.4 Experience . 9
6.6 Awareness across an organization . 9
7 Delivering the response .10
7.1 General .10
7.2 Respond.11
7.2.1 General .11
7.2.2 Responding to early warning .11
7.2.3 Immediate actions to protect and secure people .11
7.2.4 Incident response organization .15
7.3 Recover .17
7.3.1 General.17
7.3.2 Mobilizing the workforce in adverse conditions .17
7.3.3 Using alternative work sites.18
7.3.4 Working from home .18
7.3.5 People management issues .19
7.4 Restore .20
7.4.1 General.20
7.4.2 Actions for sustainable restoration of operations .21
7.5 People support strategies .21
7.5.1 Managing the needs of families and friends .21
7.5.2 Physical and psychological well-being .22
7.6 Communications .23
7.6.1 General.23
7.6.2 Importance of internal communication .24
7.6.3 Communication systems and pathways .25
7.6.4 External communications .26
7.6.5 Social media .27
7.7 Managing the impact of travel issues .27
7.7.1 General.27
7.7.2 Travel issues .28
7.7.3 Managing a travel incident .28
8 Review and continuous improvement .29
8.1 General .29
8.2 Continuous improvement through exercising .29
8.3 Feedback from the workforce or external agencies .29
8.4 Record-keeping .30
8.5 Risk review .30
Annex A (informative) Psychological response management .31
Annex B (informative) Relatives response team .35
Bibliography .38
iv © ISO 2018 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 22301:2019/Amd 1:2024(Amendment)
Security and resilience — Business continuity management systems — Requirements — Amendment 1: Climate action changes
  • Standard
    1 page
    English language
    sale 15% off
  • Standard
    1 page
    French language
    sale 15% off
  • Standard
    1 page
    French language
    sale 15% off
ISO
ISO 28000:2022/Amd 1:2024(Amendment)
Security and resilience — Security management systems — Requirements — Amendment 1: Climate action changes
  • Standard
    1 page
    English language
    sale 15% off
ISO
ISO 28000:2022(Main)
Security and resilience — Security management systems — Requirements
SIST ISO 28000:2023

This document specifies requirements for a security management system, including aspects relevant to the supply chain. This document is applicable to all types and sizes of organizations (e.g. commercial enterprises, government or other public agencies and non-profit organizations) which intend to establish, implement, maintain and improve a security management system. It provides a holistic and common approach and is not industry or sector specific. This document can be used throughout the life of the organization and can be applied to any activity, internal or external, at all levels.

  • Standard
    27 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    20 pages
    English language
    sale 15% off
ISO
ISO 22313:2020(Main)
Security and resilience — Business continuity management systems — Guidance on the use of ISO 22301

This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice. This document is applicable to organizations that: a) implement, maintain and improve a BCMS; b) seek to ensure conformity with stated business continuity policy; c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption; d) seek to enhance their resilience through the effective application of the BCMS. The guidance and recommendations are applicable to all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors. The approach adopted depends on the organization's operating environment and complexity.

  • Standard
    55 pages
    English language
    sale 15% off
  • Standard
    58 pages
    French language
    sale 15% off
ISO
ISO 22301:2019(Main)
Security and resilience — Business continuity management systems — Requirements

This document specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise. The requirements specified in this document are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity. This document is applicable to all types and sizes of organizations that: a) implement, maintain and improve a BCMS; b) seek to ensure conformity with stated business continuity policy; c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption; d) seek to enhance their resilience through the effective application of the BCMS. This document can be used to assess an organization's ability to meet its own business continuity needs and obligations.

  • Standard
    21 pages
    English language
    sale 15% off
  • Standard
    21 pages
    English language
    sale 15% off
  • Standard
    22 pages
    French language
    sale 15% off
  • Standard
    22 pages
    French language
    sale 15% off
ISO
ISO/TS 22331:2018(Main)
Security and resilience — Business continuity management systems — Guidelines for business continuity strategy

This document gives guidance for business continuity strategy determination and selection. It is applicable to all organizations regardless of type, size and nature, whether in the private, public or not-for-profit sectors. It is intended for use by those responsible for, or participating in, strategy determination and selection.

  • Technical specification
    25 pages
    English language
    sale 15% off
  • Technical specification
    28 pages
    French language
    sale 15% off
ISO
ISO 28004-3:2014(Main)
Security management systems for the supply chain — Guidelines for the implementation of ISO 28000 — Part 3: Additional specific guidance for adopting ISO 28000 for use by medium and small businesses (other than marine ports)

ISO 28004-3:2014 has been developed to supplement ISO 28004-1 by providing additional guidance to medium and small businesses (other than marine ports) that wish to adopt ISO 28000. The additional guidance in ISO 28004-3:2014, while amplifying the general guidance provided in the main body of ISO 28004-1, does not conflict with the general guidance, nor does it amend ISO 28000.

  • Standard
    15 pages
    English language
    sale 15% off
  • Standard
    15 pages
    Russian language
    sale 15% off
  • Standard
    18 pages
    Russian language
    sale 15% off
ISO
ISO 28004-4:2014(Main)
Security management systems for the supply chain — Guidelines for the implementation of ISO 28000 — Part 4: Additional specific guidance on implementing ISO 28000 if compliance with ISO 28001 is a management objective

ISO 28004-4:2014 provides additional guidance for organizations adopting ISO 28000 that also wish to incorporate the Best Practices identified in ISO 28001 as a management objective on their international supply chains. The Best Practices in ISO 28001 both help organizations establish and document levels of security within an international supply chain and facilitate validation in national Authorized Economic Operator (AEO) programmes that are designed in accordance with the World Customs Organization (WCO) Framework of Standards. ISO 28004-4:2014 is not designed as a standalone document. The main body of ISO 28004-1 provides significant guidance pertaining to required inputs, processes, outputs and other elements required by ISO 28000. ISO 28004-4:2014 provides additional specific guidance on implementing ISO 28000 if compliance with ISO 28001 is a management objective.

  • Standard
    6 pages
    English language
    sale 15% off
  • Standard
    6 pages
    Russian language
    sale 15% off
ISO
ISO 28001:2007(Main)
Security management systems for the supply chain — Best practices for implementing supply chain security, assessments and plans — Requirements and guidance

ISO 28001:2007 provides requirements and guidance for organizations in international supply chains to develop and implement supply chain security processes; establish and document a minimum level of security within a supply chain(s) or segment of a supply chain; assist in meeting the applicable authorized economic operator (AEO) criteria set forth in the World Customs Organization Framework of Standards and conforming national supply chain security programmes. In addition, ISO 28001:2007 establishes certain documentation requirements that would permit verification. Users of ISO 28001:2007 will define the portion of an international supply chain within which they have established security; conduct security assessments on that portion of the supply chain and develop adequate countermeasures; develop and implement a supply chain security plan; train security personnel in their security related duties.

  • Standard
    27 pages
    English language
    sale 15% off
  • Standard
    35 pages
    Russian language
    sale 15% off
ISO
ISO 28004-1:2007(Main)
Security management systems for the supply chain — Guidelines for the implementation of ISO 28000 — Part 1: General principles

ISO 28004:2007 provides generic advice on the application of ISO 28000:2007, Specification for security management systems for the supply chain. It explains the underlying principles of ISO 28000 and describes the intent, typical inputs, processes and typical outputs for each requirement of ISO 28000. This is to aid the understanding and implementation of ISO 28000. ISO 28004:2007 does not create additional requirements to those specified in ISO 28000, nor does it prescribe mandatory approaches to the implementation of ISO 28000.

  • Standard
    56 pages
    English language
    sale 15% off
  • Standard
    61 pages
    French language
    sale 15% off
  • Standard
    80 pages
    Russian language
    sale 15% off