Societal Security—Business Continuity Management Systems

 


The PDCA Approach


Similarly to ISO 9001 and ISO 13485, ISO 22301 uses what is called the plan–do–check–act (PDCA) cycle, which uses this model to organize the standard:


Plan. Parts 4, 5, 6, and 7 expect you to plan the establishment of your organization’s BCMS


Do. Part 8 expects you to establish your BCMS


Check. Part 9 expects you to evaluate your BCMS


Act. Part 10 expects you to improve your BCMS


Brief Overview of Key Clauses of ISO 22301:2012 Business Continuity Standard


Following the new structure of ISO Guide 83, ISO 22301 is organized into seven main clauses (Table 35.1), and the key activities for each clause are summarized.


Clause 4: Context of the Organization


Understand your organization, its purpose, and objectives context while understanding the needs and expectations of interested parties in light of legal and regulatory requirements. Organizations should consider how disruptive incidents could impact the organization.


Clause 5: Leadership


Provide leadership and support for your organization and ensure that managers demonstrate their commitment and support and encourage employee involvement. Allocate responsibility and authority for carrying out business continuity roles to the appropriate people within your organization.


Clause 6: Planning


Identify and determine the risks and opportunities that could influence the effectiveness of your organization or disrupt its operation. Define actions and prepare plans to address the risks and opportunities that could influence the effectiveness of your organization or disrupt its operation.


Clause 7: Support


Identify and provide the resources that your organization needs, including procedures and communication tools. Determine the competence requirements of the people under your organization’s control who have an impact on its performance, and ensure that people are aware of their responsibilities.


Clause 8: Operation


Plan and develop your BCMS processes by studying potential disruptions and analyzing business risks, and set your priorities. Establish a formal process that your organization can use to evaluate and set business continuity and recovery priorities, objectives, and targets; document, implement, and maintain your priority-setting process.


Clause 9: Performance Evaluation


Determine how you will monitor and measure the performance and effectiveness of your organization. Make sure that your audit program is capable of determining whether your system conforms to requirements.


Clause 10: Improvement


Identify, react to, and evaluate nonconformities when they occur. Implement corrective actions to address causes, and review the effectiveness of your corrective actions. Continuously improve the performance, suitability, adequacy, and effectiveness of your system.


Only gold members can continue reading. Log In or Register to continue

Stay updated, free articles. Join our Telegram channel

Aug 21, 2016 | Posted by in PHARMACY | Comments Off on Societal Security—Business Continuity Management Systems

Full access? Get Clinical Tree

Get Clinical Tree app for offline access