Since the ISO standard for Crisis Management (CM) was published in 2022, BCM Institute has continued to train its participants in the seven-phase CM planning methodology aligned with this international standard.
The strength of the seven-phase approach is that it is modular, with specific deliverables after each implementation. To maintain rigour, the seven-phase method is aligned with ISO22361:2022. This eBook aims to provide our participants with additional know-how on achieving the ideal ISO22361 requirement.
Effective crisis management ensures resilience and continuity in the dynamic risk management landscape.
Developing and implementing a comprehensive CM Plan prepares organisations to navigate and recover from unforeseen disruptions.
To this end, various methodologies and standards have been established to guide organisations in crafting robust crisis management strategies.
One such methodology is the BCM Institute's Seven-Phase Crisis Management Planning Methodology, which provides a structured approach to developing and executing a CM Plan.
This methodology encompasses phases from initial project management to ongoing program management, each focusing on specific crisis preparedness and response aspects.
The ISO 22361:2022 standard, on the other hand, represents a globally recognised framework for crisis management. It offers detailed requirements and best practices for organisations to enhance their crisis resilience.
ISO 22361:2022 emphasises a holistic approach to crisis management, integrating it with broader organizational resilience and business continuity efforts. The standard provides a comprehensive set of guidelines for each crisis management phase, ensuring that organisations are well-equipped to handle and recover from crises effectively.
In this comparison chart, we compare the seven phases of the Crisis Management Planning Methodology against the corresponding requirements of ISO 22361:2022.
This detailed analysis highlights the similarities and differences between the two approaches, offering insights into how the ISO standard enhances and extends the methodology's framework.
By examining the key elements of each phase, organisations can better understand how to align their CM strategies with ISO 22361:2022, ultimately strengthening their preparedness and resilience in the face of crises.
Here is a comparison chart between the seven phases of Crisis Management Planning Methodology and the corresponding requirements of ISO 22361:2022 for crisis management professionals.
|
Crisis Management Planning Methodology |
ISO 22361:2022 Requirements |
ISO Reference |
| Phase 1: Project Management | ||
|
ISO 22361 emphasises establishing a crisis management structure with clearly defined roles and responsibilities. Teams should be assembled early on, and objectives and strategies should be clear. Leadership commitment is vital. |
Clause 4.2: Organisational Structures and Leadership |
| Phase 2: Crisis Scenario Risk Assessment | ||
|
ISO 22361 highlights the importance of a thorough risk assessment to identify vulnerabilities and potential crises. Risk identification and evaluation should involve prioritisation based on impact and likelihood to inform crisis planning. |
Clause 4.3: Risk Assessment |
| Phase 3: Business Impact Analysis (BIA) | ||
|
ISO 22361 integrates Business Impact Analysis (BIA) as a key tool for evaluating the consequences of disruption on critical services and processes. It also emphasises the need to set recovery objectives and timelines. |
Clause 4.4: Impact Assessment and Business Functions |
| Phase 4: Crisis Management Strategy | ||
|
ISO 22361 requires organisations to create a comprehensive CM strategy with clear decision-making processes and defined CMT roles. The CM strategy should be adaptable and scalable depending on the crisis. |
Clause 4.5: Crisis Management Strategy |
| Phase 5: Crisis Management Plan Development | ||
|
ISO 22361 emphasises developing a CM Plan that includes detailed response actions, communication strategies, and business continuity integration. It outlines the importance of accessible documentation. |
Clause 5: Crisis Management Plans |
| Phase 6: Testing and Exercising | ||
|
ISO 22361 mandates regular testing and exercising of the crisis management plan through simulations, drills, and after-action reviews to ensure preparedness and continuous improvement. |
Clause 6: Exercising and Testing |
| Phase 7: Program Management | ||
|
ISO 22361 requires ongoing program management, ensuring the CM Plan is regularly reviewed, updated, and communicated throughout the organisation. This includes fostering a culture of preparedness. |
Clause 7: Continuous Improvement and Program Management |
ISO 22361 strongly focuses on the long-term sustainability of CM programs, stressing continuous updates and fostering a culture of crisis preparedness, similar to the CM Methodology's program management phase.
This chart cross-references each phase of the CM Planning Methodology with ISO 22361:2022 requirements, helping organisations understand the alignment and areas of focus for security professionals involved in operational resilience and crisis management.
The following chapters detail each phase of the CM Planning Methodology.
| CM Planning Methodology Versus ISO 22361 Element | |||
Crisis Management Planning Methodology |
|||
To learn more about the course and schedule, click the buttons below for the CM-300 Crisis Management Implementer [CM-3] and the CM-5000 Crisis Management Expert Implementer [CM-5].
|
Please feel free to send us a note if you have any questions. |
||||