The first edition of ISO 22301 was launched in May 2012. It was the first truly internationally accepted standard on business continuity, and it consists of requirements to implement a Business Continuity Management System according to ISO Annex SL. As such, it stood in line with its prominent predecessors such as ISO 9001 and ISO/IEC 27001.
When ISO/TC 292 (ISO Technical Committee 292 on Security and Resilience), its workgroup WG 2 – responsible for this standard – first asked within the community about the need to update it, there was astonishingly little response. We, as members, could not believe that nobody had the intention or desire to update this international standard. However, all of a sudden, the interest exploded and the respective Project Team within WG 2 was challenged within an unprecedented volume of change requests concerning ISO 22301:2012.
As of now, several modifications were integrated into the ISO22301:2019 version. During the revision process, a number of developments had to be observed. As ISO 22301:2012 was the first in a series of standards on business continuity developed by this TC, care had to be taken to synchronize modifications with the central glossary of this TC (ISO 22300) and auxiliary standards (technical specifications, TR) developed after 2012 (e.g. standards on organizational resilience, business impact analysis, etc.).
Here is a summary of current modifications and similarities as compared to the original version:
| Clause | Description |
Modifications and Similarities |
| 4 | Context of the organization |
Clause 4 receive only very minute modifications. The project team tried to create introductory sub-clauses at the beginning of each clause. As such, for example, sub-clause 4.1 is an introduction to clause 4 and sub-clause 4.2.1 (general) is an introduction to sub-clause 4.2. |
| 5 | Leadership | Leadership has been streamlined |
| 6 | Planning | Planning was enhanced, focusing on business continuity objectives and planning to achieve them (6.2). A new sub-clause on planning changes to the BCMS (6.3) was introduced. |
| 7 | Support | Clause 7, like Clause 5, was streamlined |
| 8 | Operation | Clause 8 required massive modifications and will be elaborated upon in a follow-up article |
| 9 |
Performance Evaluation | Clause 9 was streamlined, also taking into account the new requirements by ISO on how the clause should look in order to be aligned with all ISO system management standards. |
| 10 | Improvement | Clause 10 was streamlined |
| Please feel free to send us a note if you have any of these questions |