CERTIKIT ISO22301 Enhanced Gap Assessment Tool


Please note: This sample shows only a small part of the complete Enhanced Gap Assessment tool. This comprehensive gap assessment tool includes the exact text of the ISO22301 Standard, broken down by individual requirement within a user-friendly spreadsheet.

ISO22301 Enhanced Gap Assessment Tool

Terms used: BCMS: Quality Management System Business Continuity Management System Requirements

| ISO22301 REQUIREMENTS | REQS MET? | ACTION NEEDED TO MEET REQUIREMENTS | ACTION OWNER |
| --- | --- | --- | --- |
| 4 Context of the organization | | | |
| 4.1 Understanding the organization and its context | | | |
| The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its BCMS. NOTE: These issues will be influenced by the organization’s overall objectives, its products and services and the amount and type of risk that it may or may not take. | Yes | | |
| Totals: | 1 | | |
| 4.2 Understanding the needs and expectations of interested parties | | | |
| 4.2.1 General. When establishing its BCMS, the organization shall determine: | | | |
| a) the interested parties that are relevant to the BCMS; | Yes | | |
| b) the relevant requirements of these interested parties. | Yes | | |
| Totals: | 2 | | |
| 4.2.2 Legal and regulatory requirements. The organization shall: | | | |
| a) implement and maintain a process to identify, have access to, and assess the applicable legal and regulatory requirements related to the continuity of its products and services, activities and resources; | Yes | | |
| b) ensure that these applicable legal, regulatory and other requirements are taken into account in implementing and maintaining its BCMS; | Yes | | |
| c) document this information and keep it up to date. | Yes | | |
| Totals: | 3 | | |

Purchase online at www.certikit.com For any questions, please email sales@certikit.com


ISO22301 Enhanced Gap Assessment dashboard (summary)

To refresh chart data, click on “Refresh All” on the Data ribbon.

Gap assessment results

| AREA OF STANDARD | REQS IN SECTION | NO OF REQS MET | PERCENTAGE CONFORMITY |
| --- | --- | --- | --- |
| 4 Context of the organization | 15 | 15 | 100% |
| 5 Leadership | 18 | 18 | 100% |
| 6 Planning | 25 | 25 | 100% |
| 7 Support | 26 | 26 | 100% |
| 8 Operation | 104 | 104 | 100% |
| 9 Performance evaluation | 39 | 39 | 100% |
| 10 Improvement | 15 | 15 | 100% |
| Total | 242 | 242 | 100% |

[Radar chart: Percentage conformity to the ISO22301 standard, summary level. One axis per area of the standard, scale 0% to 100%.]

[Bar chart: Level of conformity to the ISO22301 standard, summary level. Series: NO OF REQS MET and REQS IN SECTION, per area of the standard.]

[Bar chart: Percentage level of conformity to the ISO22301 standard, summary level. One bar per area of the standard, scale 0% to 100%.]


ISO22301 Enhanced Gap Assessment dashboard (detailed)

To refresh chart data, click on “Refresh All” on the Data ribbon.

Gap assessment results

| AREA OF STANDARD | SECTION | REQS IN SECTION | NO OF REQS MET | PERCENTAGE CONFORMITY |
| --- | --- | --- | --- | --- |
| 4 Context of the organisation | 4.1 Understanding the organization and its context | 1 | 1 | 100% |
| 4 Context of the organisation | 4.2 Understanding the needs and expectations of interested parties | 5 | 5 | 100% |
| 4 Context of the organisation | 4.3 Determining the scope of the BCMS | 8 | 8 | 100% |
| 4 Context of the organisation | 4.4 Business continuity management system | 1 | 1 | 100% |
| 5 Leadership | 5.1 Leadership and commitment | 8 | 8 | 100% |
| 5 Leadership | 5.2 Policy | 7 | 7 | 100% |
| 5 Leadership | 5.3 Roles, responsibilities and authorities | 3 | 3 | 100% |
| 6 Planning | 6.1 Actions to address risks and opportunities | 7 | 7 | 100% |
| 6 Planning | 6.2 Business continuity objectives and planning to achieve them | 13 | 13 | 100% |
| 6 Planning | 6.3 Planning changes to the business continuity management system | 5 | 5 | 100% |
| 7 Support | 7.1 Resources | 1 | 1 | 100% |
| 7 Support | 7.2 Competence | 4 | 4 | 100% |
| 7 Support | 7.3 Awareness | 4 | 4 | 100% |
| 7 Support | 7.4 Communication | 5 | 5 | 100% |
| 7 Support | 7.5 Documented information | 12 | 12 | 100% |
| 8 Operation | 8.1 Operational planning and control | 5 | 5 | 100% |
| 8 Operation | 8.2 Business impact analysis and risk assessment | 14 | 14 | 100% |
| 8 Operation | 8.3 Business continuity strategies and solutions | 21 | 21 | 100% |
| 8 Operation | 8.4 Business continuity plans and procedures | 49 | 49 | 100% |
| 8 Operation | 8.5 Exercise programme | 9 | 9 | 100% |
| 8 Operation | 8.6 Evaluation of business continuity documentation and capabilities | 6 | 6 | 100% |
| 9 Performance evaluation | 9.1 Monitoring, measurement, analysis and evaluation | 6 | 6 | 100% |
| 9 Performance evaluation | 9.2 Internal audit | 10 | 10 | 100% |
| 9 Performance evaluation | 9.3 Management review | 23 | 23 | 100% |
| 10 Improvement | 10.1 Nonconformity and corrective action | 13 | 13 | 100% |
| 10 Improvement | 10.2 Continual improvement | 2 | 2 | 100% |
| Total | | 242 | 242 | 100% |

[Radar chart: Percentage conformity to the ISO22301 standard, detailed level. One axis per section (4.1 to 10.2), scale 0% to 100%.]

[Bar chart: Level of conformity to the ISO22301 standard, detailed level. Series: NO OF REQS MET and REQS IN SECTION, per section, grouped by area of the standard.]

[Bar chart: Percentage level of conformity to the ISO22301 standard, detailed level. One bar per section (4.1 to 10.2), scale 0% to 100%.]

