Business Continuity Management (BCM) – ISO 22301

Business Continuity Management ensures through the methodical procedure according to the requirements of ISO 22301 that the continuation of a business operation is secured in the best possible way in case of crises or unexpected events.


BCM – Lifecycle

The identification and analysis of critical business processesis crucial and forms the basis for the following questions:

  • which processes in the company must be maintained functional and
  • which measures are necessary for this.

One of the main components of BCM is the Business Impact Analysis (BIA). Using BIA, the dependencies between IT processes and/or business processes/areas are methodically recorded and presented.

Further sub-areas of BCM include emergency and crisis management to ensure the essential business processes and the continuity of business operations.

The result of BIA / BCM

  • the criticality of the effects of failures in business and IT processes becomes transparent and
  • critical points of attack can be identified, considered and appropriate measures taken
  • emergency planning, including emergency tests, is implemented
  • the associated documentation is checked, evaluated and managed.

Together with risk analysis, BIA forms the basis for the security strategy of a company.

The Business Continuity Management Software QSEC offers optimal support here by combining risk management according to ISO 27005 with business impact analysis according to ISO 22301.