Business Resiliency in the Face of Global Change
Published on 12 October 2012
“Change is the only constant” – indeed, a lot of us would agree. In fact, some may even argue that it is a widely-accepted truth, and there is probably a good reason why.
Change, indeed, happens to all. Although it brings about varying opinions on whether it connotes something positive or negative, one thing is for sure – change is inevitable. And sure enough, the same can be said about Global Change.
That is why, in this issue of the Asia Business Continuity Digest, we highlight some issues and trends relevant to Global Change, and explain how these relate back to the growing importance of Business Continuity Management (BCM) today.
Standard and Policy Change: Transaction to ISO22301
Many considered last May as a “pivotal moment” to BCM-certified organizations and practitioners as it marked ISO’s launching of the much awaited ISO22301 or the “Societal security – Business continuity management systems – Requirements.”
At the same time, however, the ISO22301 replaces the British Standard BS25999.
Although there are no extreme differences between the two, there are some significant changes in the “management” section of the ISO22301. Moreover, the ISO22301 – as compared to the BS 25999 – puts greater emphasis on understanding requirements, setting objectives and measuring performance.
So, what does the launching of the ISO22301 actually mean to BCM-certified organizations?
Since the ISO22301 has direct influence on existing policies and regulations of BCM-certified organizations, it essentially becomes the basis of any relevant upgrades or changes henceforth. The same applies to the whole BCM industry.
Naturally, the “transition to ISO22301” has become the latest trend among BCM-certified organization – which is positive in many ways. To make the transition effective, however, organizations must go beyond “just meeting the requirements” of the ISO22301.
Time and effort must be put in to understand the key principles behind the ISO22301 and to develop the necessary skills to implement them. These can be achieved through effective research and proper training. Most importantly however, organizations must keep in mind that BCM-integration is a “continuous” process” – and that a “mere transition” to any BCM standard may indeed lead to a false sense of security or compliance.