aviatinemergencyrespnseplan.cm (parent website) Infrmatin Article ISO - Internatinal Standards fr Business Cntinuity Operatins (in an Aviatin Related Cntext) Extract frm the Vikings Business Cntinuity Plan - Circa 810 AD - Key Prduct: Ravish & Pillage Critical Resurce: Lngbat Sail(s) Risk (Threat): N Wind Impact: Unacceptable business lss BC Treatment: Use Oars MTPD / RTO: Immediate Resurces: 1) Manpwer 2) Oars 3) Whips Relevance: Many (if nt mst) rganisatins (f all types) nw require (whether they realise it r nt) an effective and efficient business cntinuity plan. This shrt infrmatin article prvides an verview f the tw (ISO) internatinal standards related t business cntinuity. These standards can and shuld be used by all types f rganisatins t guide preparatin f their wn business cntinuity plans Whilst the cntext f the wrd rganisatin can be and is indeed very brad, its use in this infrmatin article generically relates t airlines, airprts, grund-handlers, air navigatin service prviders, aviatin maintenance rganisatins, flying training schls and ther aviatin related entities Infrmatin / Internatinal (ISO) Standards fr Business Cntinuity - 2017
aviatinemergencyrespnseplan.cm (parent website) Internatinal Standards ISO (Backgrund Infrmatin) ISO (Internatinal Organisatin fr Standardisatin) is the wrld s largest develper f vluntary Internatinal Standards. ISO was funded in 1947, and has subsequently published mre than 19,500 Internatinal Standards (and grwing) cvering almst all aspects f technlgy and business. 162 cuntries were members f ISO In 2016 A standard is a dcument which prvides requirements, specificatins, guidelines r characteristics - and which can be used cnsistently t ensure that materials, prducts, prcesses and services are fit fr their intended purpse. ISO s Internatinal Standards are nt free i.e. they require purchase Sme f the first ISO standards issued were in the ISO 9000 (Quality Management) range - with perhaps the best knwn being ISO 9001 - Quality Management System Requirements (nw [2016] knwn as ISO 9001-2015 ) Internatinal Standards aim at ensuring that prducts and services are safe, reliable and f gd quality. Fr business, they are strategic tls which can reduce csts by minimising waste and errrs - and increasing prductivity. They can als help rganisatins t access new markets, level the playing field fr develping cuntries and facilitate free and fair glbal trade Nte - many cuntries prduce their wn natinal standards (similar in cncept t ISO standards) n a vast range f subjects. Sme take guidance frm / are similar t ISO standards and sme d / are nt In sme subject matter areas the best f natinal standards have been cmbined t create an equivalent ISO internatinal standard. An excellent example f this relates t business cntinuity planning and peratins - see belw ISO - Business Cntinuity Standards Up t 2012 a significant number f cuntries had prduced their wn natinal standards relating t the subject f business cntinuity. In that year mst (but nt all e.g. the USA) f these natinal standards were superseded by tw new internatinal (ISO) standards: ISO 22301:2012 - Scietal Security - Business Cntinuity Management Systems (BCMS) - Requirements This standard specifies the requirements fr planning, establishing, implementing, perating, mnitring, reviewing, maintaining and cntinually imprving a dcumented management system t prtect against, reduce the likelihd f ccurrence, prepare fr, respnd t, and recver frm disruptive incidents i.e. a BCMS Infrmatin / Internatinal (ISO) Standards fr Business Cntinuity - 2017
aviatinemergencyrespnseplan.cm (parent website) Hw these requirements are applied typically depends n the varius aspects f an rganisatin's perating envirnment, the cmplexity f the rganisatin - and hw far it wishes t g Organisatins will be able t apply fr accredited certificatin against this standard and s demnstrate t legislatrs, regulatrs, custmers, prspective custmers and ther interested parties that they (rganisatins) are adhering t gd Business Cntinuity Management (BCM) practice. Cmpliance r alignment with ISO 22301 als enables the business cntinuity manager / equivalent persn t demnstrate t tp management that a recgnized BCM level f peratin has been achieved within the rganisatin ISO 22301 is necessarily frmal in style (cmprises shrt, cncise requirements) in rder t facilitate cmpliance auditing and frmal certificatin. Hwever, a mre extensive (and separate) standard (ISO 22313:2012 - see next main bullet pint further belw) has been cncurrently develped in rder t prvide greater detail (guidance) n each ISO 22301 requirement Ptential benefits f adpting the ISO 22301:2012 standard include: Identificatin and management f current and future threats Taking a practive apprach t minimizing the impact f incidents n business Keeping critical functins up and running during times f crisis Minimising dwntime during incidents and imprving recvery time Demnstrating resilience t custmers, ptential custmers, suppliers etc. ISO 22313:2012 - Scietal Security - Business Cntinuity Management Systems (BCMS) - Guidance This standard prvides guidance (based n gd internatinal practice) fr planning, establishing, implementing, perating, mnitring, reviewing, maintaining and cntinually imprving a dcumented management system - thus enabling rganisatins t prepare fr, respnd t and recver frm disruptive incidents It is nt the intent f ISO 22313 t imply unifrmity in the structure f a BCMS - but rather fr an rganisatin t design a BCMS which is apprpriate t its wn needs and which meets the requirements f assciated interested parties / stakehlders - including custmers. Such needs are typically shaped by: Legal, regulatry, rganisatinal and industry requirements The nature f an rganisatin s prduct(s) and / r service(s) etc. The prcesses assciated with prviding the prduct(s) and / r services etc. The rganisatin s perating envirnment The size, structure and cmplexity f the rganisatin The rganisatin s risk appetite Infrmatin / Internatinal (ISO) Standards fr Business Cntinuity - 2017
aviatinemergencyrespnseplan.cm (parent website) ISO 22313 is generic (i.e. applicable t all sizes and types f rganisatin, including large, medium and small entities perating in industrial, cmmercial, public and nt-fr-prfit sectrs) - that wish t: Establish, implement, maintain and cntinually imprve a BCMS Ensure cnfrmance with the rganizatin's business cntinuity plicy Make a self-determinatin / self-declaratin f cmpliance with ISO 22313 - r Use the guidance t achieve ISO 22301 accredited certificatin Nte - ISO 22301 and ISO 22313 were develped in the main n the best f the preceding natinal standards referred t further abve - and are the prduct f significant glbal c-peratin and input Links: ISO 22301 ISO 22313 What is Scietal Security? ISO 22301 was develped by ISO s Technical Cmmittee (TC) 223. The latter deals with scietal security type issues i.e. it develps standards fr the prtectin f sciety frm (and in respnse t) incidents, emergencies, disasters etc. - caused e.g. by intentinal and unintentinal human acts, natural hazards, technical failures and s n TC 223 s all-hazards perspective cvers practive, adaptive and reactive strategies befre, during and after a scietal security related event The area f scietal security is multi-disciplinary and typically (but nt exclusively) requires active participatin frm bth the public and private sectrs Sme examples f TC 223 s ther prjects have included: ISO 22320:2011, Scietal Security - Emergency Management - Requirements fr Incident Respnse *ISO 22315 - Scietal Security - Mass Evacuatin *ISO 22322 - Scietal Security - Emergency Management - Public Warning *ISO 22324 - Scietal Security - Emergency Management - Clur-cded Alert ISO 22398 - Scietal Security - Guidelines fr Exercises and Testing * e.g. - as might be used in similar situatins t the December 2004 Tsunami disaster in SE Asia; Hurricane Katrina - August 2005 USA; Haiti earthquake - January 2010 Infrmatin / Internatinal (ISO) Standards fr Business Cntinuity - 2017
aviatinemergencyrespnseplan.cm (parent website) Internatinal Standards / Business Cntinuity / Aviatin Related Organisatins Fr detailed infrmatin relating t hw aviatin type rganisatins might use ISO (and ther) standards in the preparatin f business cntinuity plans - please fllw: http://www.aviatinemergencyrespnseplan.cm/aviatin-business-cntinuity/ When the webpage pens, scrll dwn until yu see the wrd link almst at the bttm f the webpage. Click n it and yu will pen prbably the wrld s nly cmprehensive guide t business cntinuity planning, set against an aviatin cntext Infrmatin / Internatinal (ISO) Standards fr Business Cntinuity - 2017