iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST EN ISO 22361:2023

(Main)

Security and resilience - Crisis management - Guidelines (ISO 22361:2022)

Security and resilience - Crisis management - Guidelines (ISO 22361:2022)

This document provides guidance on good practice for crisis management to help the strategic decision makers of an organization to plan, implement, establish, operate, monitor, review, maintain and continually improve a crisis management capability. It is intended for any organization regardless of location, size, type, industry, structure, or sector.
This document provides guidance for:
—   understanding the context and challenges of crisis management;
—   developing an organization’s crisis management capability through preparedness (see 5.5);
—   recognizing the complexities facing a crisis team in action;
—   communicating successfully during a crisis; and
—   reviewing and learning.
It is intended for management with strategic responsibilities for the delivery of a crisis management capability. It is for those who operate under the direction and within policy of top management in:
—   implementing the crisis plans and structures; and
—   maintaining and assuring the procedures associated with the capability.
It is not intended for emergency and incident response - these require the application of operational procedures whereas crisis management relies on an adaptive, agile, and flexible strategic response).  It does not cover interoperability or command and control or business continuity management systems. While it is important to be aware of human and cultural factors as they can cause stress when working as individuals and as part of groups, it is not the purpose of this document to examine aspects of these areas in detail.

Sicherheit und Resilienz - Krisenmanagement - Leitlinien für die Entwicklung einer Strategie (ISO 22361:2022)

Dieses Dokument enthält Leitlinien für das Krisenmanagement, die Organisationen dabei helfen sollen, ihre Fähigkeit zum strategischen Krisenmanagement zu planen, einzurichten, aufrechtzuerhalten, zu überprüfen und ständig zu verbessern. Diese Leitlinien können jeder Organisation dabei helfen, eine Krise zu identifizieren und zu bewältigen. Zu den zu berücksichtigenden Elementen gehören
—   Kontext, Kernkonzeptionen, Grundsätze und Herausforderungen (siehe Abschnitt 4),
—   Entwicklung der Fähigkeit einer Organisation zum Krisenmanagement (siehe Abschnitt 5),
—   Führung im Krisenfall (siehe Abschnitt 6),
—   die Herausforderungen hinsichtlich der Entscheidungsfindung und die Komplexität, mit denen ein Krisenstab im Einsatz konfrontiert ist (siehe Abschnitt 7),
—   Kommunikation im Krisenfall (siehe Abschnitt 8), und
—   Schulung, Validierung und Lernen aus Krisen (siehe Abschnitt 9).
Sie sind zur Verwendung durch das Spitzen-Management mit strategischer Verantwortung für die Bereitstellung von Krisenmanagementkapazitäten in jeder Organisation vorgesehen. Sie können auch von denjenigen genutzt werden, die unter der Leitung der obersten Führungsebene arbeiten.
Dieses Dokument erkennt die Beziehung zwischen und die gegenseitigen Abhängigkeiten von verschiedenen Disziplinen an, ist aber von diesen Themen getrennt.

Sécurité et résilience - Gestion de crise - Lignes directrices (ISO 22361:2022)

Le présent document fournit des lignes directrices pour la gestion de crise destinées à aider les organismes à planifier, établir, maintenir, passer en revue et améliorer de façon continue une capacité de gestion de crise stratégique. Ces lignes directrices peuvent aider tout organisme à identifier et à gérer une crise. Les éléments à prendre en compte incluent:
—    le contexte, les concepts fondamentaux, les principes et les défis (voir Article 4);
—    le développement de la capacité de gestion de crise d'un organisme (voir Article 5);
—    le leadership de crise (voir Article 6);
—    les défis et complexités de la prise de décision auxquels est confrontée une cellule de crise en action (voir Article 7);
—    la communication de crise (voir Article 8);
—    la formation, la validation et l’apprentissage à partir des crises (voir Article 9).
Le présent document s'adresse aux membres de la direction générale ayant des responsabilités stratégiques pour la fourniture d'une capacité de gestion de crise au sein de tout organisme. Il peut également être utilisé par les personnes qui sont placées sous l'autorité de la direction générale.
Le présent document reconnaît la relation et les interdépendances avec différentes disciplines, mais est distinct de ces thématiques.

Varnost in vzdržljivost - Krizno vodenje - Smernice (ISO 22361:2022)

Ta dokument podaja smernice za dobro prakso kriznega vodenja kot pomoč nosilcem strateškega odločanja v organizaciji pri načrtovanju, uvajanju, vzpostavljanju, upravljanju, nadzoru, pregledovanju, vzdrževanju in stalnem izboljševanju zmogljivosti kriznega vodenja. Namenjen je za vse organizacije, ne glede na lokacijo, velikost, vrsto, panogo, strukturo ali sektor.
Ta dokument podaja smernice za:
–   razumevanje konteksta in zahtevnosti kriznega vodenja;
–   razvoj zmogljivosti kriznega vodenja v organizaciji s pripravljenostjo (glej točko 5.5);
–   prepoznavanje zapletenosti, s katerimi se srečuje skupina za krizno vodenje;
–   uspešno komuniciranje v obdobju trajanja krize; ter
–   pregledovanje in učenje.
Namenjen je za vodenje s strateškimi odgovornostmi za zagotavljanje zmogljivosti kriznega vodenja. Namenjen je posameznikom, ki delujejo pod vodstvom in v okviru politike vodilnih kadrov pri:
–   uvajanju kriznih načrtov in struktur; ter
–   vzdrževanju in zagotavljanju postopkov, povezanih z zmogljivostjo.
Ni namenjen odzivu v nujnem primeru in odzivu na incident – takrat se zahteva uporaba delovnih postopkov, medtem ko se krizno vodenje zanaša na prilagodljiv, agilen in fleksibilen strateški odziv.  Ne obravnava interoperabilnosti ter upravljanja in vodenja oziroma sistemov vodenja neprekinjenosti poslovanja. Čeprav je pomembno upoštevanje človeških in kulturnih dejavnikov, ki lahko povzročijo stres pri delu posameznikov in v skupinah, namen tega dokumenta ni podrobno preučevanje vidikov teh področij.

General Information

Status
Published
Public Enquiry End Date
22-Jan-2022
Publication Date
27-Nov-2022
ICS
03.100.01 - Company organization and management in general
Technical Committee
I13 - Imaginarni 13
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
23-Nov-2022
Due Date
28-Jan-2023
Completion Date
28-Nov-2022
Ref Project
EN ISO 22361:2022 - Security and resilience - Crisis management - Guidelines (ISO 22361:2022)

Relations

Replaces
SIST-TS CEN/TS 17091:2018 - Crisis management - Guidance for developing a strategic capability
Effective Date
16-Nov-2022

Buy Standard

EN ISO 22361:2023 - BARVEEN ISO 22361:2023 - BARVE
PreviousNext
Standard
EN ISO 22361:2023 - BARVE
English language
46 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
prEN ISO 22361:2022 - BARVEprEN ISO 22361:2022 - BARVE
PreviousNext
Draft
prEN ISO 22361:2022 - BARVE
English language
43 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN ISO 22361:2023
01-januar-2023
Nadomešča:
SIST-TS CEN/TS 17091:2018
Varnost in vzdržljivost - Krizno vodenje - Smernice (ISO 22361:2022)
Security and resilience - Crisis management - Guidelines (ISO 22361:2022)
Sicherheit und Resilienz - Krisenmanagement - Leitlinien für die Entwicklung einer
Strategie (ISO 22361:2022)
Sécurité et résilience - Gestion de crise - Lignes directrices (ISO 22361:2022)
Ta slovenski standard je istoveten z: EN ISO 22361:2022
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
SIST EN ISO 22361:2023 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN ISO 22361:2023

---------------------- Page: 2 ----------------------
SIST EN ISO 22361:2023


EN ISO 22361
EUROPEAN STANDARD

NORME EUROPÉENNE

November 2022
EUROPÄISCHE NORM
ICS 03.100.01 Supersedes CEN/TS 17091:2018
English Version

Security and resilience - Crisis management - Guidelines
(ISO 22361:2022)
Sécurité et résilience - Gestion de crise - Lignes Sicherheit und Resilienz - Krisenmanagement -
directrices (ISO 22361:2022) Leitlinien für die Entwicklung einer Strategie (ISO
22361:2022)
This European Standard was approved by CEN on 14 October 2022.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.





EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2022 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN ISO 22361:2022 E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------
SIST EN ISO 22361:2023
EN ISO 22361:2022 (E)
Contents Page
European foreword . 3

2

---------------------- Page: 4 ----------------------
SIST EN ISO 22361:2023
EN ISO 22361:2022 (E)
European foreword
This document (EN ISO 22361:2022) has been prepared by Technical Committee ISO/TC 292 "Security
and resilience" in collaboration with Technical Committee CEN/TC 391 “Societal and Citizen Security”
the secretariat of which is held by AFNOR.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by May 2023, and conflicting national standards shall be
withdrawn at the latest by May 2023.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
This document supersedes CEN/TS 17091:2018.
Any feedback and questions on this document should be directed to the users’ national standards
body/national committee. A complete listing of these bodies can be found on the CEN website.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Endorsement notice
The text of ISO 22361:2022 has been approved by CEN as EN ISO 22361:2022 without any modification.

3

---------------------- Page: 5 ----------------------
SIST EN ISO 22361:2023

---------------------- Page: 6 ----------------------
SIST EN ISO 22361:2023
INTERNATIONAL ISO
STANDARD 22361
First edition
2022-10
Security and resilience — Crisis
management — Guidelines
Sécurité et résilience — Gestion de crise — Lignes directrices
Reference number
ISO 22361:2022(E)
© ISO 2022

---------------------- Page: 7 ----------------------
SIST EN ISO 22361:2023
ISO 22361:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO 2022 – All rights reserved

---------------------- Page: 8 ----------------------
SIST EN ISO 22361:2023
ISO 22361:2022(E)
Contents Page
Foreword .v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Crisis management — Context, core concepts and principles. 3
4.1 The nature of crises . 3
4.2 Characteristics of a crisis . 3
4.3 Potential origins of crises . 5
4.4 Readiness to respond and recover . 7
4.5 Principles for crisis management . 7
4.5.1 General . 7
4.5.2 Principle A: Governance . 7
4.5.3 Principle B: Strategy . 7
4.5.4 Principle C: Risk management . 7
4.5.5 Principle D: Decision-making . 8
4.5.6 Principle E: Communication . 8
4.5.7 Principle F: Ethics . 8
4.5.8 Principle G: Learning . 8
5 Building a crisis management capability . 8
5.1 General . 8
5.2 Crisis management framework . 9
5.2.1 General . 9
5.2.2 Leadership. 9
5.2.3 Structure . 10
5.2.4 Culture . 10
5.2.5 Competence . 11
5.3 Crisis management process . 11
5.3.1 Anticipation . 11
5.3.2 Assessment . 11
5.3.3 Prevention and mitigation . 11
5.3.4 Preparedness .12
5.3.5 Response . . 16
5.3.6 Recovery . 19
5.3.7 Continual improvement. 19
6 Crisis leadership . .20
6.1 Core leadership skills and attributes . 20
6.1.1 General .20
6.1.2 Role and responsibility of the crisis leader(s) . 21
6.2 Well-being and sustainable crisis response . 22
6.2.1 Crisis management responders . . 22
6.2.2 Wider interested-party impact . 22
7 Strategic crisis decision-making .23
7.1 General .23
7.2 Why decision-making can be challenging . 24
7.3 Dilemmas, decision delay, decision avoidance . 25
7.4 Decision-making issues .25
7.5 Effective crisis decision-making . 25
8 Crisis communication .26
8.1 General . 26
8.2 Pre-crisis preparation. 26
iii
© ISO 2022 – All rights reserved

---------------------- Page: 9 ----------------------
SIST EN ISO 22361:2023
ISO 22361:2022(E)
8.3 Managing relationships and reputation . 27
8.4 Key roles . 27
8.4.1 Communication team . 27
8.4.2 Spokespeople .28
8.4.3 Media relations .28
8.5 Crisis communication strategy .28
8.6 Key principles and activities of crisis communication .29
8.7 Consistency of message . 30
8.8 Barriers to effective communication . 30
8.9 Social media — Opportunities and threats . 31
9 Training, validation and learning from crises .31
9.1 General . 31
9.2 Developing competence . 32
9.3 Training . 32
9.4 Exercising . 33
9.5 Validation .34
9.6 Evaluating and learning .34
Bibliography .36
iv
  © ISO 2022 – All rights reserved

---------------------- Page: 10 ----------------------
SIST EN ISO 22361:2023
ISO 22361:2022(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 292, Security and resilience, in
collaboration with the European Committee for Standardization (CEN) Technical Committee CEN/
TC 391, Societal and Citizen Security, in accordance with the Agreement on technical cooperation
between ISO and CEN (Vienna Agreement).
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
v
© ISO 2022 – All rights reserved

---------------------- Page: 11 ----------------------
SIST EN ISO 22361:2023
ISO 22361:2022(E)
Introduction
This document has been developed to aid in the design and ongoing development of an organization’s
crisis management capability. It sets out principles and practices needed by all organizations.
Crises present organizations with complex challenges and, possibly, opportunities that can have
profound and far-reaching consequences. An organization’s crisis management capability and its ability
to manage a changing environment are key factors in determining whether a situation or incident has
the potential to pose a serious or existential threat to the organization and its environment. The crisis
affecting an organization can be part of a broader crisis.
To ensure the crisis management capability has the desired outcome, the organization should provide:
— committed leadership;
— structures (e.g. funding, communications, relationships and linkages, equipment, facilities,
information management, principles, processes and procedures);
— a supportive culture (e.g. values, ethics, code of conduct);
— competent personnel (e.g. knowledge, skills and attitude, flexible thinking).
An organization’s crisis management capability will be influenced by its relationship with other
interdependent areas such as risk management, business continuity, information security, physical
security, safety, civil protection, incident response and emergency management.
The organization should adopt a structured approach to crisis management by applying a set of
principles on which a crisis management framework can be developed. These interrelated principles,
framework and applicable process elements support the implementation of a crisis management
capability in a purposeful, consistent and rigorous manner (see Figure 1).
vi
  © ISO 2022 – All rights reserved

---------------------- Page: 12 ----------------------
SIST EN ISO 22361:2023
ISO 22361:2022(E)
Key
principle (see 4.5)
framework (see 5.2)
process (see 5.3)
Figure 1 — Building a crisis management capability — Principles, framework and process
The structure of the document is as follows:
— the core concepts of crisis management are described (see Clause 4);
— then the framework and process for building a crisis management capability are outlined (see
Clause 5).
The clauses that follow provide more detail on:
— crisis leadership (see Clause 6);
— strategic crisis decision-making (see Clause 7);
— crisis communication (see Clause 8);
— training, validation and learning from crises (see Clause 9).
Continual improvement is a component of all elements of this document (see 5.3.7), so that while it is
part of the process, it also addresses all capability elements.
vii
© ISO 2022 – All rights reserved

---------------------- Page: 13 ----------------------
SIST EN ISO 22361:2023

---------------------- Page: 14 ----------------------
SIST EN ISO 22361:2023
INTERNATIONAL STANDARD ISO 22361:2022(E)
Security and resilience — Crisis management — Guidelines
1 Scope
This document provides guidance on crisis management to help organizations plan, establish, maintain,
review and continually improve a strategic crisis management capability. This guidance can help any
organization to identify and manage a crisis. Elements for consideration include:
— context, core concepts, principles and challenges (see Clause 4);
— developing an organization’s crisis management capability (see Clause 5);
— crisis leadership (see Clause 6);
— the decision-making challenges and complexities facing a crisis team in action (see Clause 7);
— crisis communication (see Clause 8);
— training, validation and learning from crises (see Clause 9).
It is applicable to top management with strategic responsibilities for the delivery of a crisis management
capability in any organization. It can also be used by those who operate under the direction of top
management.
This document acknowledges the relationship and interdependencies with various disciplines but is
distinct from these topics.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 22300, Security and resilience — Vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 22300 and the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
capability
ability to accomplish an undertaking with a defined intended outcome and within specified conditions
Note 1 to entry: An organizational capability depends on the available resources and organizational principles,
framework (leadership, structure, culture, competences) and processes.
1
© ISO 2022 – All rights reserved

---------------------- Page: 15 ----------------------
SIST EN ISO 22361:2023
ISO 22361:2022(E)
3.2
crisis
abnormal or extraordinary event or situation that threatens an organization (3.13) or community and
requires a strategic, adaptive and timely response in order to preserve its viability and integrity
Note 1 to entry: The event or situation can include a high degree of complexity, instability and uncertainty.
Note 2 to entry: The event or situation can exceed the response capacity or capability (3.1) of the organization.
Note 3 to entry: Given the nature of a crisis, a flexible and dynamic approach is needed in addition to any
rehearsed plans and procedures.
Note 4 to entry: Threats can impact upon the organization’s ability to function, its reputation, its brand, its
physical, political or intellectual property, its organizational structure and its human, environment and economic
factors.
Note 5 to entry: The term “organization” also includes governmental and non-governmental agencies and
national authorities in the public sector, as well as non-governmental organizations (NGOs) and charities.
3.3
crisis management
coordinated activities to lead, direct and control an organization (3.13) with regard to crisis (3.2)
3.4
crisis management team
CMT
group of individuals functionally responsible for leading the organization's (3.13) crisis management
(3.3) response
3.5
crisis management plan
CMP
document specifying which procedures and associated resources are to be applied by whom and where
in a crisis (3.2)
3.6
incident
event or situation that can be, or could lead to, a disruption, loss, emergency or crisis (3.2)
[SOURCE: ISO 22300:2021, 3.1.122, modified — “or situation” has been added to the definition.]
3.7
interested party
stakeholder
person or organization (3.13) that can affect, be affected by, or perceive themselves to be affected by a
decision or activity
3.8
governance
human-based system by which an organization (3.13) is directed, overseen and held
accountable for achieving its defined purpose
3.9
situation report
summary, either verbal or written, outlining the current state and potential development of an incident
(3.6) or crisis (3.2) and the response to it
3.10
situational awareness
perception of the elements in the environment within a volume of time and space, the comprehension of
their meaning and a projection of their status in the near future
2
  © ISO 2022 – All rights reserved

---------------------- Page: 16 ----------------------
SIST EN ISO 22361:2023
ISO 22361:2022(E)
3.11
top management
person or group of people who directs and controls an organization (3.13) at the highest level
3.12
issue
event or situation that does not currently present, but can develop into, a long-term or significant
negative impact on the strategic objectives, reputation or viability of the organization (3.13)
Note 1 to entry: Effectively responding to emerging issues can result in the successful aversion of a crisis (3.2).
3.13
organization
person or group of people that has i
...

SLOVENSKI STANDARD
oSIST prEN ISO 22361:2022
01-januar-2022
Varnost in vzdržljivost - Krizno vodenje - Navodilo za strateško zmogljivost
(ISO/DIS 22361:2021)
Security and resilience - Crisis management - Guidelines for a strategic capability
(ISO/DIS 22361:2021)
Sicherheit und Resilienz - Krisenmanagement - Leitlinien für die Entwicklung einer
Strategie (ISO/DIS 22361:2021)
Sécurité et résilience - Gestion de crise - Lignes directrices pour une capacité
stratégique (ISO/DIS 22361:2021)
Ta slovenski standard je istoveten z: prEN ISO 22361
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
oSIST prEN ISO 22361:2022 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN ISO 22361:2022

---------------------- Page: 2 ----------------------
oSIST prEN ISO 22361:2022
DRAFT INTERNATIONAL STANDARD
ISO/DIS 22361
ISO/TC 292 Secretariat: SIS
Voting begins on: Voting terminates on:
2021-11-01 2022-01-24
Security and resilience — Crisis management — Guidelines
for a strategic capability
ICS: 03.100.01
THIS DOCUMENT IS A DRAFT CIRCULATED
This document is circulated as received from the committee secretariat.
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
ISO/CEN PARALLEL PROCESSING
BEING ACCEPTABLE FOR INDUSTRIAL,
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 22361:2021(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
©
PROVIDE SUPPORTING DOCUMENTATION. ISO 2021

---------------------- Page: 3 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved

---------------------- Page: 4 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Crisis management: Context, core concepts and principles . 3
4.1 The nature of crises . 3
4.2 Characteristics of a crisis . 4
4.3 Potential origins of crises . 6
4.4 Readiness to respond and recover . 7
4.5 Principles for crisis management . 7
5 Building a crisis management capability . 9
5.1 General . 9
5.2 Crisis Management Framework . 9
5.2.1 Leadership . 9
5.2.2 Structure .10
5.2.3 Culture .11
5.2.4 Competence .11
5.3 Crisis Management Process .11
5.3.1 Anticipation .11
5.3.2 Assessment .12
5.3.3 Prevention and Mitigation .12
5.3.4 Preparedness .12
5.3.5 Response .16
5.3.6 Recovery .19
5.3.7 Continual improvement .20
6 Crisis leadership .20
6.1 Core leadership skills and attributes .20
6.1.1 Role and responsibility of the crisis leader(s) .21
6.2 Wellbeing and sustainable crisis response .22
6.2.1 Crisis management responders .22
6.2.2 Wider interested party impact .22
7 Strategic crisis decision-making .23
7.1 General .23
7.2 Why decision-making can be challenging .24
7.3 Dilemmas, decision delay, decision avoidance .24
7.4 Decision-making issues .25
7.5 Effective crisis decision-making .25
8 Crisis communications .26
8.1 Introduction .26
8.2 Pre-crisis preparation .26
8.3 Managing relationships and reputation .27
8.4 Key roles .27
8.4.1 Communication team .27
8.4.2 Spokespeople .28
8.4.3 Media relations .28
8.5 Crisis communications strategy .28
8.6 Key principles and activities of crisis communications .29
8.7 Consistency of message .29
8.8 Barriers to effective communication.30
8.9 Social media: the opportunities and threats .30
© ISO 2021 – All rights reserved iii

---------------------- Page: 5 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

9 Training, validation and learning from crises .31
9.1 General .31
9.2 Developing competence .31
9.3 Training .32
9.4 Exercising .33
9.5 Validation .34
9.6 Evaluating and Learning .34
Bibliography .36
iv © ISO 2021 – All rights reserved

---------------------- Page: 6 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 292 Security and resilience.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2021 – All rights reserved v

---------------------- Page: 7 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

Introduction
This standard is to aid in the design and ongoing development of an organization’s crisis management
capability. It sets out principles and practices needed by all organizations.
Crises present organizations with complex challenges and, possibly, opportunities that can have
profound and far-reaching consequences. An organization’s crisis management capability and its ability
to manage a changing environment are key factors in determining whether a situation or incident has
the potential to pose a serious or existential threat to the organization and its environment. The crisis
affecting an organization can be part of a broader crisis.
Note please refer to definition of crisis
To ensure the crisis management capability has the desired outcome, the organization should provide
— committed leadership
— structures (e.g., funding, communications, relationships and linkages, equipment, facilities,
information management, principles, processes and procedures
— supportive culture (e.g., values, ethics, code of conducts, etc.)
— competent personnel (e.g., knowledge, skills and attitude, flexible thinking)
An organization’s crisis management capability will be influenced by its relationship with other
interdependent areas such as risk management, business continuity, information security, physical
security, safety, civil protection, incident response, and emergency management.
The organization should adopt a structured approach to crisis management by applying a set of
principles on which a crisis management framework can be developed. This should include elements of
organizational culture, leadership, competencies and structure that supports the implementation of a
crisis management capability in a purposeful, consistent and rigorous manner. (see Figure 1)
vi © ISO 2021 – All rights reserved

---------------------- Page: 8 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

Figure 1 — Building a crisis management capability: Principles, framework and process
The structure of the document is as follows: the core concepts of Crisis Management are described
(section 4), then the framework and process for building a Crisis Management capability are outlined in
section 5. The following sections provide more detail on: Crisis Leadership (section 6), Strategic crisis
decision-making (section 7), Crisis communications (section 8) and Training, Validation and learning
from crises (section 9).
© ISO 2021 – All rights reserved vii

---------------------- Page: 9 ----------------------
oSIST prEN ISO 22361:2022

---------------------- Page: 10 ----------------------
oSIST prEN ISO 22361:2022
DRAFT INTERNATIONAL STANDARD ISO/DIS 22361:2021(E)
Security and resilience — Crisis management — Guidelines
for a strategic capability
1 Scope
This international standard provides guidelines for crisis management to help organizations plan,
establish, maintain, review and continually improve a strategic crisis management capability. These
guidelines can help any organization to identify and manage a crisis. Elements for consideration
include:
— context, core concepts, principles, and challenges (clause 4)
— developing an organization’s crisis management capability (clause 5)
— crisis leadership (clause 6)
— the challenges and complexities facing a crisis team in action (clause 7)
— crisis communication (clause 8)
— training, validation and learning from crises (clause 9)
It is intended for top management with strategic responsibilities for the delivery of a crisis management
capability in any organization.  It is also meant to be used by those who operate under the direction of
top management. All those with responsibilities should:
— implement the crisis management plan and structures
— maintain and assure the procedures associated with the capability
This document acknowledges the relationship and interdependencies with various disciplines but is
distinct from these topics.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 22300, Security and resilience — Vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 22300 and the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online Browsing Platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
© ISO 2021 – All rights reserved 1

---------------------- Page: 11 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

3.1
capability
ability to accomplish an undertaking with a defined intended outcome and within specified conditions
Note 1 to entry: Note to entry: An organizational capability depends on the available resources and organizational
principles, framework (leadership, structure, culture, competences) and processes
3.2
crisis
abnormal or extraordinary event or situation that threatens an organization or community and
requires a strategic, adaptive, and timely response in order to preserve its viability and integrity
Note 1 to entry: The event or situation might include a high degree of complexity, instability, and uncertainty.
Note 2 to entry: The event or situation might exceed the response capacity or capability of the organization
Note 3 to entry: Given the nature of a crisis a flexible and dynamic approach is needed in addition to any rehearsed
plans and procedures.
Note 4 to entry: Threats can impact upon the organization’s ability to function, its reputation, brand, physical,
political, intellectual property, organizational structure, human, environment and economic factors
Note 5 to entry: the term “organization" also includes governmental and non-governmental agencies and national
authorities in the public sector, as well as NGO’s and charities
3.3
crisis management
coordinated activities to lead, direct and control an organization with regard to crisis
3.4
crisis management team (CMT)
group of individuals functionally responsible for leading the organization’s crisis management
response
3.5
crisis management plan (CMP)
document specifying which procedures and associated resources are to be applied by whom and where
in a crisis
3.6
incident
event or situation that can be, or could lead to, a disruption, loss, emergency, or crisis(ISO 22300
modified by inclusion of “event or”)
3.7
interested party (preferred term)
stakeholder (admitted term)
person or organization that can affect, be affected by, or perceive themselves to be affected by a decision
or activity
3.8
governance of organizations
human-based system by which an organization (3.13) is directed, overseen and held accountable for
achieving its defined purpose
3.9
situation report
summary, either verbal or written, outlining the current state and potential development of an incident
or crisis and the response to it
2 © ISO 2021 – All rights reserved

---------------------- Page: 12 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

3.10
situational awareness
perception of the elements in the environment within a volume of time and space, the comprehension of
their meaning and a projection of their status in the near future
3.11
top management
person or group of people who directs and controls an organization at the highest level
3.12
issue
event or situation that does not currently present, but could develop into, a long-term or significant
negative impact on the strategic objectives, reputation or viability of the organization.
Note 1 to entry: Effectively responding to emerging issues can result in the successful aversion of a crisis
3.13
organization
person or group of people that has its own functions with responsibilities, authorities and relationships
to achieve its objectives
Note 1 to entry: The concept of organization includes, but is not limited to sole-trader, company, corporation, firm,
enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated
or not, public or private.
3.14
crisis communication
communications both internal and external to provide information, updates and instructions to
internal and external stakeholders.
Note 1 to entry: Note to entry: adequate crisis communication may also protect the organization’s reputation and
brand and maintain its public image
4 Crisis management: Context, core concepts and principles
4.1 The nature of crises
Crises can be associated with highly complex issues, the full implications and nature of which might
be unclear at the time. Possible decisions and actions can have severe negative consequences, and
decision-makers at all levels might have to choose the least detrimental solution (see 7.4) and resolve
(or recognize and accept) fundamental strategic dilemmas. This might mean that every choice comes
with a penalty of some kind and there is no ideal solution.
Premature or ill-considered decisions on actions or processes to manage a crisis may have potential to
cause significant consequences and cause additional harm or exacerbate the crisis situation and should
be avoided. If the range of available options being considered can reduce the impact of a crisis yet have
adverse consequences upon other organizational objectives, it may be necessary to choose the option
that has the potential to create the least amount of loss or disruption to the organization
Crises often involve threats to people or assets, such as property, information, and reputation.
A crisis may require an organization to review its objectives, opportunities, strategies, policies,
practices or procedures or culture as part of continual improvement. An organization faced with public
or media scrutiny as a consequence of a crisis, should demonstrate confidence in its plan to review and
amend its practices as necessary and to accept responsibility for decision making by management
A well-managed crisis can demonstrate the positive qualities of an organization and enhance its
reputation
© ISO 2021 – All rights reserved 3

---------------------- Page: 13 ----------------------
oSIST prEN ISO 22361:2022
ISO/DIS 22361:2021(E)

4.2 Characteristics of a crisis
A crisis can be complex and challenging and it can also provide opportunities for an organization to
clearly demonstrate core values, effective controls, governance, and crisis response, review and
learning.
Although many crises appear to be unique there are often consistent characteristics. Understanding
these characteristics enables the improvement of the crisis management capability by comprehending
the difference in the application of these characteristics.
Often, a crisis is precipitated by an incident. There are some common characteristics that are found
in both an incident and a crisis. Table 1 highlights some of the differences and Figure 2 shows the
relationship between an incident and a crisis.
Table 1 — Key distinctions between incidents and crises
Characteristics Incidents Crises
Predictability Incidents are generally fore- Crises are typically unique, rare,
seeable, although their specific events or situations. Some crises can
timing, type and impact are be anticipated; however, timing and
variable. impact usually are not always foresee-
able.
Onset Incidents can be no-notice or Crises can also occur from a no-notice
short-notice disruptive events, or short-notice event. They can also
or they can emerge through emerge from an incident that has not
a gradual failure or loss of been contained, has been managed
control. badly or further escalates to have rep-
utational consequences, and requiring
a crisis-level response.
Urgency and pressure In managing an incident, there A crisis always needs urgent attention
is usually a high sense of urgen- as the impact can be very high. Given
cy to act to either prevent the the potential impact and the fact that a
situation from getting worse or crisis has more visibility it is common
to minimize its impact. that it places a high level of pressure
on the organization.
Impacts Incidents are events which, Crises can disrupt or affect the entire
although they can take consid- organization, transcending organi-
erable resources to manage, zational, geographical and sectoral
never threaten the existence boundaries. As crises tend to be
of the organization or have a complex and inherently uncertain,
major long-term impact on its the long-term impacts can be difficult
reputation. The impacts are to assess. A badly handled crisis can
usually local or affect only a lead to a catastrophic loss of func-
part of the organization. tionality, values, trust and reputation.
These negative impacts can have a
Incidents are generally man-
lasting detrimental effect on the or-
ageable, and although the im-
ganization. Crisis can lead to the con-
pact on interested parties can
clusion that the legal situation must be
be severe, it is manageable and
adjusted during the crisis.
temporary. An incident can
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST EN 9208:2021(Main)
Aerospace series - Programme management - Expression of need - Guidance on and format for (Need) Technical Specification
EN 9208:2021

This document belongs to the documents going along with EN 9200 relating to Project Management Specification.
The aims of this document are as follows:
-   to specify/remind the concept of (Need) Technical Specification (N)TS;
-   to define the principles and conditions for drawing up, approving, using and updating a (N)TS;
-   to propose a template of (N)TS.
The template identifies topics and types of related requirements to be covered in a (N)TS without being completely exhaustive or mandatory. It is due to be analysed like a check-list and tailored according to the type of the product of interest, the context of the bodies involved and the contractual details.
The principle of drawing up a (N)TS applies to both tangible and intangible products (e.g. services).
The customer/supplier relationship addressed by these principles may also apply within a single organization. The concepts of customer and supplier are discussed in this document without distinction between internal or external relationship.
This document implements and adapts EN 16271 to the context, in order to meet the specific needs of the aeronautical field and more generally the needs of other fields.
This document is more explicit about certain aspects of ISO/IEC/IEEE 29148 dedicated to requirements engineering, such as the responsibility for drawing up a (N)TS on a contractual basis and also the process of drawing it up within a programme (stages and milestones). It also supplements the technical specification framework proposed by ISO/IEC/IEEE 29148, in particular with requirements relating to safety of operation and result assurance.
The relationships existing between Functional Performance Specification (FPS) and (N)TS for expression of needs are given in Annex A.

  • Standard
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 56005:2021(Main)
Innovation management - Tools and methods for intellectual property management - Guidance (ISO 56005:2020)
EN ISO 56005:2021

Efficient management of IP is key to support the process of innovation, is essential for organizations' growth and protection, and is their engine for competitiveness.
This document proposes guidelines for supporting the role of IP within innovation management. It aims to address the following issues concerning IP management at strategic and operational levels:
— Creating an IP strategy to support innovation in an organization;
— Establishing systematic IP management within the innovation processes;
— Applying consistent IP tools and methods in support of efficient IP management.
This document can be used for any type of innovation activities and initiatives.

  • Standard
    47 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    44 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 22300:2021(Main)
Security and resilience - Vocabulary (ISO 22300:2021)
EN ISO 22300:2021

This document defines terms used in security and resilience standards.

  • Standard
    61 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 56002:2021(Main)
Innovation management - Innovation management system - Guidance (ISO 56002:2019)
EN ISO 56002:2021

1.1 This document provides guidance for the establishment, implementation, maintenance, and continual improvement of an innovation management system for use in all established organizations. It is applicable to:
a) organizations seeking sustained success by developing and demonstrating their ability to effectively manage innovation activities to achieve the intended outcomes;
b) users, customers, and other interested parties, seeking confidence in the innovation capabilities of an organization;
c) organizations and interested parties seeking to improve communication through a common understanding of what constitutes an innovation management system;
d) providers of training in, assessment of, or consultancy for, innovation management and innovation management systems;
e) policy makers, aiming for higher effectiveness of support programs targeting the innovation capabilities and competitiveness of organizations and the development of society.
1.2 All the guidance within this document is generic and intended to be applicable to:
a) all types of organizations, regardless of type, sector, or size. The focus is on established organizations, with the understanding that both temporary organizations and start-ups can also benefit by applying these guidelines in all or in part;
b) all types of innovations, e.g. product, service, process, model, and method, ranging from incremental to radical;
c) all types of approaches, e.g. internal and open innovation, user-, market-, technology-, and design-driven innovation activities.
It does not describe detailed activities within the organization, but rather provides guidance at a general level. It does not prescribe any requirements or specific tools or methods for innovation activities.

  • Standard
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    35 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 56000:2021(Main)
Innovation management - Fundamentals and vocabulary (ISO 56000:2020)
EN ISO 56000:2021

1.1 This document provides the vocabulary, fundamental concepts and principles of innovation management and its systematic implementation. It is applicable to:
a) organizations implementing an innovation management system or performing innovation management assessments;
b) organizations that need to improve their ability to effectively manage innovation activities;
c) users, customers and other relevant interested parties (e.g. suppliers, partners, funding organizations, investors, universities and public authorities) seeking confidence in the innovation capabilities of an organization;
d) organizations and interested parties seeking to improve communication through a common understanding of the vocabulary used in innovation management;
e) providers of training in, assessment of, or consultancy for, innovation management and innovation management systems;
f) developers of innovation management and related standards.
1.2 This document is intended to be applicable to:
a) all types of organizations, regardless of type, sector, maturity-level or size;
b) all types of innovations, e.g. product, service, process, model and method, ranging from incremental to radical;
c) all types of approaches, e.g. internal and open innovation, user-, market-, technology- and design-driven innovation activities.
This document specifies the terms and definitions applicable to all innovation management and innovation management system standards developed by ISO/TC 279.

  • Standard
    45 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 56003:2021(Main)
Innovation management - Tools and methods for innovation partnership - Guidance (ISO 56003:2019)
EN ISO 56003:2021

This document provides a guidance for innovation partnerships. It describes the innovation partnership framework (see Clause 4 to Clause 8) and the sample corresponding tools (see Annex A to Annex E) to
— decide whether to enter an innovation partnership,
— identify, evaluate and select partners,
— align the perceptions of value and challenges of the partnership,
— manage the partner interactions.
The guidance provided by this document is relevant for any type of partnerships and collaborations and it is intended to be applicable to any organizations, regardless of its type, size, product/service provided, such as:
a) start-ups collaborating with larger organizations;
b) SMEs or larger organizations;
c) private sector entities with public or academic entities;
d) public, academic or not-for-profit organizations.
Innovation partnerships start with a gap analysis, followed by the identification, and engagement, of potential innovation partners and the governance of their interaction.
NOTE The essence of an innovation partnership is for all parties to mutually benefit from working together in the context of an opportunity for innovation.
This document is not applicable to organizations seeking innovation by merger or acquisition.

  • Standard
    29 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    26 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN ISO/TR 56004:2020(Main)
Innovation Management Assessment - Guidance (ISO/TR 56004:2019)
CEN ISO/TR 56004:2020

This document will help the user understand why it is beneficial to carry out an Innovation Management Assessment (IMA), what to assess, how to carry out the IMA, and thus maximize the resulting benefits, which are universally applicable to:
— organizations seeking sustained success in their innovation activities;
— organizations performing IMAs;
— users and other interested parties (e.g. customers, suppliers, partners, funding organizations, universities and public authorities) seeking confidence in an organization's ability to manage innovation effectively;
— interested parties seeking to improve communication through a common understanding of Innovation Management (IM), via an assessment;
— providers of training, assessment, or advice in IM;
— developers of related standards;
— academics interested in research related to IMA.
Further, this document is intended to be applicable to:
— all types of organizations, regardless of sector, age, size, or country;
— all approaches to IM regardless of their level of sophistication, and complexity;
— all modalities of managing innovation whether centralized or decentralized;
— all ways to innovate, e.g. internal, collaborative, open, user-, market- or technology-driven innovation;
— all types of innovation such as product, service, process, business model, organizational innovation from incremental to radical.

  • Technical report
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    35 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 22313:2020(Main)
Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 (ISO 22313:2020)
EN ISO 22313:2020

ISO 22313 gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice.This document is applicable to organizations that:a) implement, maintain and improve a BCMS;b) seek to ensure conformity with stated business continuity policy;c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption;d) seek to enhance their resilience through the effective application of the BCMS.The guidance and recommendations are applicable to all sizes and types of organizations, including large, medium and small organizations operating in industrial, commercial, public and not-for-profit sectors. The approach adopted depends on the organization’s operating environment and complexity.

  • Standard
    70 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    67 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 22301:2020(Main)
Security and resilience - Business continuity management systems - Requirements (ISO 22301:2019)
EN ISO 22301:2019

This document specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise. The requirements specified in this document are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization’s operating environment and complexity. This document is applicable to all types and sizes of organizations that: a) implement, maintain and improve a BCMS; b) seek to ensure conformity with stated business continuity policy; c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption; d) seek to enhance their resilience through the effective application of the BCMS. This document can be used to assess an organization’s ability to meet its own business continuity needs and obligations.

  • Standard
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 20815:2019(Main)
Petroleum, petrochemical and natural gas industries - Production assurance and reliability management (ISO 20815:2018)
EN ISO 20815:2018

This document describes the concept of production assurance within the systems and operations
associated with exploration drilling, exploitation, processing and transport of petroleum, petrochemical
and natural gas resources. This document covers upstream (including subsea), midstream and
downstream facilities, petrochemical and associated activities. It focuses on production assurance of
oil and gas production, processing and associated activities and covers the analysis of reliability and
maintenance of the components. This includes a variety of business categories and associated systems/
equipment in the oil and gas value chain. Production assurance addresses not only hydrocarbon
production, but also associated activities such as drilling, pipeline installation and subsea intervention.
This document provides processes and activities, requirements and guidelines for systematic
management, effective planning, execution and use of production assurance and reliability technology.
This is to achieve cost-effective solutions over the life cycle of an asset development project structured
around the following main elements:
— production assurance management for optimum economy of the facility through all of its life cycle
phases, while also considering constraints arising from health, safety, environment, and quality;
— planning, execution and implementation of reliability technology;
— application of reliability and maintenance data;
— reliability-based technology development, design and operational improvement.
The IEC 60300-3 series addresses equipment reliability and maintenance performance in general.
This document designates 12 processes, of which seven are defined as core production assurance
processes and addressed in this document. The remaining five processes are denoted as interacting
processes and are outside the scope of this document. The interaction of the core production assurance
processes with these interacting processes, however, is within the scope of this document as the
information flow to and from these latter processes is required to ensure that production assurance
requirements can be fulfilled.
The only requirement mandated by this document is the establishment and execution of the production
assurance programme (PAP). It is important to reflect the PAP in the overall project management in the
project for which it applies.
This document recommends that the listed processes and activities be initiated only if they can be
considered to add value.

  • Standard
    107 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    101 pages
    English language
    sale 10% off
    e-Library read for
    1 day