Business Continuity is about taking responsibility for your business and enabling it to stay on track whatever trials and tribulations it faces.

It is about building and improving resilience; identifying your key products and services and the most urgent activities that underpin them and then, devising plans and strategies that will enable you to continue your business operations and enable you to recover quickly and effectively from any type of disruption whatever its size or cause. It gives you a solid framework to lean on in times of crisis and provides stability and security.

According to ISO 22301:2012 Business Continuity is the capability of the organisation to continue delivery of products or services at acceptable predefined levels following a disruptive incident. It includes three key elements:

1. Resilience: critical business functions and the supporting infrastructure are designed and engineered in such a way that they are materially unaffected by most disruptions, for example through the use of redundancy and spare capacity;

2. Recovery: arrangements are made to recover or restore business functions that fail for some reason.

3. Contingency: an established capability and readiness to cope effectively with whatever major incidents and disasters occur, including those that were not foreseen. Contingency preparations constitute a last-resort response if resilience and recovery arrangements prove inadequate in practice.

Business Continuity Management is an holistic management process that identifies potential threats to an organisation. Assesses the risk and provides a framework for building organisational resilience with an effective response that safeguards the interests of key stakeholders, the reputation, the brand and value-creating activities.

ISO 22301:2012, Societal security — Business continuity management systems Requirements