ISo 22301:2019(E) Security and resilience -Business continuity management systems -Requirements

ISo 22301:2019(E) Security and resilience -Business continuity management systems -Requirements 1 Scope This document specifies requirements to implement, maintain and improve a management system toprotect against,reduce the likelihood of the occurrence of, prepare for, respond to and recover fromdisruptions when they arise. The requirements specified in this document are generic and intended to be applicable to allorganizations,or parts thereof, regardless of type, size and nature of the organization.The extent ofapplication of these requirements depends on the organization's operating environment and complexity.This document is applicable to all types and sizes of organizations that: a)implement, maintain and improve a BCMS; b)seek to ensure conformity with stated business continuity policy; c)need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption; dseek to enhance their resilience through the effective application of the BCMS. This document can be used to assess an organization's ability to meet its own business continuity needsand obligations. 2Normative references The following documents are referred to in the text in such a way that some or all of their contentconstitutes requirements of this document, For dated references, only the edition cited applies.Forundated references, the latest edition of the referenced document (including any amendments) applies.ISO 22300, Security and resilience —Vocabulary 3Terms and definitions For the purposes of this document, the terms and definitions given in ISo 22300 and the following apply.ISo and IEC maintain terminological databases for use in standardization at the following addresses: