Security Bloggers Network 

Do we need to make the transition from ISO 22301:2012 to the 2019 revision?

by The ISO 27001 & ISO 22301 Blog – 27001Academy on November 5, 2019

The new revision of ISO 22301 was finally published on October 31, 2019, and you are probably asking yourself whether you need to implement the whole standard all over again. Well, a new implementation is not quite necessary – although the 2019 revision did bring some changes, they are not so drastic.

Timing of complying with the new revision

blogpost-banner-27001-en

As of the date this article was published, accreditation bodies haven’t released information about the transition period for the 2019 revision of ISO 22301 (this article will be updated with this information as soon as it is released by the biggest accreditation bodies).

We can assume, based on previous transition periods of other ISO management standards, like ISO 9001 and ISO 27001, that the transition period may last three years or even less, as the changes on this revision were not so big.

Main differences

“More streamlined and practical.” These words define well what this new 2019 revision of ISO 22301 brings for business continuity management.

  • Many documents are not mandatory anymore, like the Procedure for identification of applicable legal and regulatory requirements, and documents for business impact analysis and risk assessment (although it would be a good practice to use them).
  • Some requirements are less prescriptive (e.g., 4.1 – Understanding the organization and its context, and 7.4 – Communication), which means that organizations now have more freedom to adopt approaches that best fit their contexts.
  • A new clause was added, which requires planning the changes to the BCMS (clause 6.3).
  • Required resources are now identified based on continuity solutions instead of continuity strategies.

Do we need to make the transition from ISO 22301:2012 to the 2019 revision?

Do we need to make the transition from ISO 22301:2012 to the 2019 revision?

For more information about mandatory documents and records for the 2019 revision of ISO 22301, please read: Mandatory documents required by ISO 22301 revision 2019.

Transition or adaptation?

Most changes in (Read more...)

*** This is a Security Bloggers Network syndicated blog from The ISO 27001 & ISO 22301 Blog – 27001Academy authored by The ISO 27001 & ISO 22301 Blog – 27001Academy. Read the original post at: https://advisera.com/27001academy/blog/2019/11/05/iso-22301-transition-from-2012-to-2019-revision-is-it-needed/

The ISO 27001 & ISO 22301 Blog – 27001Academy