ISO 22301 CERTIFICATION

ISO 22301 stands for a regulatory reference which certifies the business continuity management system.

The ISO 22301 standard can be applied to any type of company, regardless its field of activity or size.

ISO 22301 standard is built on 10 sections, designed to manage all the aspects of the company life and to lead the organization’s processes to the implementation of the business continuity management system.

Namely, ISO 22301 standard allows the company to evaluate potential threats, to forecast the impact of downtime on the company’s operating performance and to design proper solutions.

The purpose of this analysis is to maintain the continuity of production and provision of services until the recovery of normal operational work, in a reasonable timeframe and modality for customers.

Basically, ISO 22301 standard outlines the procedure necessary to ensure business continuity even in case of unexpected situation.

By following the guidelines of ISO 22301 standard, the organization will be able:

• To reduce the costs arising from a business interruption;
• To continue to operate, even in case of emergency. This is particularly relevant for the companies involved in social sectors;
• To get a competitive edge;
• To promote the development of procedures for managing emergency situations by fostering a resilience culture, essential when important changes occur.

The certification path consists of 4 stages

Certification Request

All the economic aspects and the auditors’ activities related to the certification process may be agreed at this stage. The finalization of a contract concludes this part. Indeed the process for certification depends on the contract stipulated between the company and the certification body.
Generally, it is valid for three years.

Preliminary Audit (optional and possibly requested by the customer)

It is an initial assessment of the current company’s management system.
The preliminary audit is not involved in the normal process for certification and any possible improvement thus is intended to be nothing but a suggestion and it is not included in the official audit report.

Certification Audit – Stage 1

The audit is held in the company office. In this stage, the auditor gathers all the informations and evaluates the documents referring to the management system that must be certified. The auditor analyses the compulsory and voluntary standards. This is a preparatory step for the second stage of the Certification Audit.

Certification Audit – Stage 2

In this stage, the auditor will ascertain that the company complies with the management system. At the end of this process, the auditor will submit the ISO issue request to the certification body, if a significant nonconformity does not occur.