ISO consultants

What is ISO 22301?

ISO 22301 is the Business Continuity Management System standard. The Business Continuity Management System (BCMS) has been developed to protect companies from the risks associated with downtime which can occur due to unexpected disruptions or disasters. Disruptions to your business can result in revenue loss, data risk breakdowns and failure to deliver normal client services as per service level agreements (SLAs) or customers contracts.

Do you have a BCP plan in place should the unthinkable happen? By implementing this standard your staff and interested parties are ready should you need to bring into practice your processes.

Candy Management Consultants offer payment plans. Contact Us for more information.

What Are The Benefits?

  • Protect Your Company's Assets
  • Implement Specific Recovery Procedures in the Event of an Incident
  • Streamline Processes and Refocus on Important Company Targets
  • Become More Competitive in Your Industry
  • Uphold Company Reputation
  • Reduce Costs by Minimising Risk

Why Choose Candy?

Tailored to You

Our Flexible 3 Step Process

Gap Analysis

We will complete a thorough gap analysis and review of your business processes to understand how best to implement an ISO compliant management system.

Build The System

Working with your management team we will build your new management system and where possible align to your existing processes to avoid disruptive change.


We will train your workers on the new system and how to maintain it so that you remain compliant. We will also assist you in your preparation for third-party certification audits.


How Much Does It Cost?

We have a set day rate of £750 and we will never charge you for the days that we quote and that you don’t use. The number of days depends on the size of your company, the number of sites and the required scope of the quality management system.

Get your free no-obligation quote here.

The Requirements Explained

Before developing processes or procedures we need to understand the business in regards to how it is run and what factors can hinder or contribute to the running of it, in other words, what does the business do? In determining the context we will identify internal and external issues, interested parties and the scope of the Business Continuity Management System

The leadership clause requires the company’s top management to actively lead the Business Continuity Management System and be able to demonstrate this through policies and responsibilities. Leadership has an emphasis on customer focus with specific applications ranging from support for customer regulatory requirements, risks to enhancing customer satisfaction.

The top management’s responsibilities include establishing and communicating a quality policy, the importance of the Business Continuity Management System and assigning responsibilities to ensure the ongoing effectiveness it.

Planning addresses the process of determining the activities required to achieve the desired goal. It requires critical thinking about the risks that may occur in future and addressing these through adequate control measures. Companies are required to take a risk-based approach and plan for the uncertainties proactively to prevent undesired effects.

Another aspect of planning is to identify objectives that can be used to monitor and track the progress made.

The company is required to determine and provide the resources needed for the establishment, implementation, maintenance, and continual improvement of the Business Continuity Management System. In doing so the organisation should consider the capabilities of, and constraints on, existing internal resources and what needs to be obtained from external providers. This will include people, infrastructure, the working environment, monitoring and measuring resources, organisational knowledge, competence & awareness, communication, documented information.

Plan, implement and control the processes needed to meet the requirements for the provision of products and services and to meet the requirements of the Business Continuity Management System. These include aspects of design, control of externally provided processes, production and service provision, the release of products and services and control of nonconforming outputs.

Assessment of the company’s own performance in meeting customer and regularity requirements as well as its performance in meeting the requirements of its own Business Continuity Management System and the ISO 22301 standard. These will include activities such as, establishing what needs to be monitored and measured, customer satisfaction, analysis and evaluation of data, completing internal audits and top management carrying out a formal review on the performance of the Business Continuity Management System.

Determine and select opportunities for improvement and implement any necessary actions to meet customer requirements to enhance customer satisfaction. These activities may also include improving products and services to meet requirements and address future needs and expectations, correcting, preventing, or reducing undesired effects, improving the performance and effectiveness of the Business Continuity Management System and investigating and correcting non-conformance.

Want to see more of what we have to offer here at Candy MC? Click here to see our wide wide range of services.

Scroll to Top