Certify ISO 22301 methodology?
Assign topic to the user
Answer:
I am not sure if I have understood your question but an organization cannot certify only a methodology, for example their ISO 22301 methodology, can certify a system (Business Continuity Management System - BCMS) based on ISO 22301, which is used for the management of the continuity of products, services, and all related activities of the business, so, really you can certify products, services and all related activities of the business of the organization, using ISO 22301 and their elements (BCP, BIA, RA, etc).
And effectively, you can certify the whole organization, although it is not mandatory, I mean you can also limit the scope (what products, services, activities will be included in the scope).
For the definition of the scope you need to identify other elements (internal and external issues, interfaces and dependencies, etc.), so this article can help you (talks about ISO 27001 but is similar to ISO 22301) “How to define the ISMS scope” : https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
Comment as guest or Sign in
Apr 13, 2016