ISO 22301 Consulting
ISO 22301 Consulting Services from SHC will help you become compliant and certified more quickly. Compliance with external standards such as ISO 22301 is a top priority for many organisations who need a robust Business Continuity Management System (BCMS).
ISO 22301, is the recognised international standard for Business Continuity Management Systems (BCMS), published by the International Organisation for Standardization (ISO). It will help you to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented business continuity management system.
For organisations that need to demonstrate to customers that they have a well organised, efficient Business Continuity Management, it can provide significant competitive advantage in the marketplace.
ISO 22301 Compliance
Becoming compliant with the ISO 22301 standard shows customers, auditors and other stakeholders that your organisation is serious about Business Continuity Management.Whether you are using the standard as a guideline or working towards certification, our consultants can provide expert assistance in a number of ways: –
Gap Analysis
An ISO 22301 gap analysis from SHC will compare and document your current Business Continuity Management System with the requirements of the standard. We will carry out a detailed assessment of how you comply with the mandatory clauses of the standard by looking at all the relevant areas of your organisation and infrastructure. It will also help you to identify where there are adequate business processes in place and where there are areas for improvement.
Risk Assessment
One of the most difficult and time-consuming elements of implementing ISO standards can be carrying out an operational risk assessment. All ISO management standards are risk based frameworks but do not prescribe a specific risk assessment methodology. Choosing the correct risk assessment methodology for your organisation is an essential step toward effectively managing your operational risks.The risk assessment methodology should address the size of the risks versus organisational risk appetite, apply a proportional response. We take a pragmatic approach to assessing and documenting and prioritising the real risks to your business operations and help you to develop effective risk treatment plans.
Developing Policies and Procedures
Before implementing ISO 22301, it is common for organisations to have inadequate documentation and in some cases, no written business continuity policies or processes at all. Where policy gaps are identified, we can help you speed up the process of creating policy documents. We can provide both template and bespoke documentation. Our aim is to help you produce policy documents that are practical and brief enough to be useable but robust enough to provide effective quality and process management.
INTERNAL AUDIT
Before you can qualify for an ISO 22301 certificate, you will need to implement an internal audit program. You will also need to have carried out at least some of the audits from your schedule. Our consultants can help you get up to speed quickly by walking you through the security audit process.
Our internal audit service is also aimed at organisations who already have an internal audit program in place but need assistance with the audit workload or who feel they would benefit from a fresh pair of eyes from time to time
ISO 22301 Certification Preparation
We can provide expert assistance to guide you through the certification process to ensure you are fully prepared for the final certification audits with your UKAS accredited certification body. We can also attend the certification audits themselves, if you want the additional support. This will help to ensure that the effectiveness of your BCMS is communicated to your external auditor, in terms that will be familiar to them.
Management review
Periodic management reviews are a cornerstone of an ISO based management systems and you will need to have held at least one management review to gain certification. An experienced SHC consultant will guide you through the process and ensure effective review of internal and external audit results, security incident records and your updated risk assessments to help you ensure continual improvement of your Business Continuity Management System.