ISO22301 Toolkit Implementation Guide
2 Using the CertiKit ISO22301 Toolkit 2.1 Section 0: Introduction Relevant Toolkit documents: •
None
The introduction to the standard is worth reading, if only once. It gives a good summary of what the ISO sees as the key components of a BCMS; this is relevant and important when understanding where the auditor is coming from in discussing what might be called the “spirit” of the BCMS. The detail in other sections of the standard should be seen in the context of these overall principles and it’s important not to lose sight of that when all attention is focussed on the exact wording of a requirement. The Plan-Do-Check-Act (PDCA) model is described more for backwards compatibility reasons than because it’s important in ISO22301, as the standard doesn’t refer to it again, so don’t worry too much if these sections don’t make much sense to you. An explanation of the specific meaning of a number of key words used in all such standards is given: • • • •
“Shall” means you must “Should” means we think you ought to, but you don’t strictly have to “May” means you can if you want to “Can” means it’s possible, but we’re not saying you should, or you shouldn’t
Obviously the important one in the above list is “shall” as where this is used it means it’s a requirement you will be expected to comply with in your BCMS. There are no requirements to be met in this section.
2.2 Section 1: Scope Relevant Toolkit documents: •
None
This section refers to the scope of the standard rather than the scope of your BCMS. It explains the fact that the standard is a “one size fits all” document which is intended to apply across business sectors, countries and organization sizes and can be used for a variety of purposes. There are no requirements to be met in this section.
Version 6
certikit.com
Page 16 of 37