First of all, implementing a certification in multiple geographic locations is a complex task and you should go for it only if it is really necessary for business strategies and objectives. Instead, you should consider the prioritization of locations and implementing the certification one location at a time.
In case there is a need for simultaneous implementation across multiple sites, a good approach would be:
- evaluate sites to identify interrelationships and dependencies between them
- define groups with similar characteristics, like size, business stream, interrelationships and dependencies
- define how to fulfill the standard's requirements considering two levels: the first level covering what is common for all defined groups (e.g., most aspects of business continuity policy, document control procedure, management review, Business Impact Analysis Methodology, etc.), and the second level covering what needs to be defined by each group, or unique location (e.g., continuity objectives, business continuity strategy, business continuity plan, etc.)
- Develop the general documents in a global way and after those are developed, then coordinate the development of specific documents in the other sites
For further information, see: