ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
I'm currently trying to implement ISO 22301 for part of my organization. I already have a BCM policy for the whole organization. How do I create the policy required by ISO 22301?
Do I create the policy as separate from the existing one, or as an annex to it?
Answer:
You can maintain the BCM Policy for the whole organization (as a best practice), although the requirements of the ISO 22301 will be mandatory only for the part involved in the scope of the system. If you have a scope limited, our recommendation is that in the future you expand it to all the organization, due to generally on this way is more easy the management.
This article can be interesting for you “The purpose of Business continuity policy according to ISO 22301” : https://advisera.com/27001academy/blog/2013/06/04/the-purpose-of-business-continuity-policy-according-to-iso-22301/
And this article can be also interesting for you (although is related to ISO 27001, the most of the article can be also applied to ISO 22301) “Problems with defining the scope in ISO 27001” : https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
Comment as guest or Sign in
Jan 13, 2016