Show me desktop version
CALL US +1 (646) 759 9933

ISO 27001/ISO 22301 Knowledge base

ISO 22301 benefits: How to get your management’s approval for a business continuity project

Author: Dejan Kosutic

If you think your management loves to listen to you talk about your great idea for a disaster recovery site, or a perfect tool you’ve discovered for handling business continuity plans, you’re wrong – they just don’t care.

What management wants to hear (and does understand) are profit, market share, client satisfaction, cost cutting, business strategy, and business risks. And you can’t blame them – after all, this is what their job is about.

So if you can’t change them, you have to change yourself – first of all, if you want them to listen to you, you have to start speaking the language they understand. And they will understand if you present them with the potential benefits of ISO 22301/business continuity implementation.

How can business continuity help your business?

In my experience, there are four potential benefits you should consider:

1. Compliance. There are more and more laws and regulations in almost every country that require business continuity compliance; but, what’s even more interesting, is that there is an increasing number of business clients (e.g. financial institutions) which require their partners and suppliers to implement business continuity procedures. The good news is that ISO 22301 is a perfect framework for complying with all these requirements, partly because BS 25999 and ISO 22301 were a model when those laws and regulations were developed. This means less effort in the compliance process, and fewer penalties to be paid. Click here to see a list of business continuity legislation worldwide.

2. Marketing advantage. If your company has an ISO 22301 certificate and your competitors don’t, and if your clients are very sensitive to availability of the service, you could actually get new clients because you will be able to convince potential clients that you are the best in the industry. This means increased market share and higher profits.

3. Reducing dependence on individuals. More and more executives are aware that their business relies on a couple of people who are very often hard to replace – this is particularly obvious when people leave the company. With the implementation of business continuity, the company actually becomes far less dependent on those individuals (because of the replacement scheme and documenting of tasks), meaning you will have fewer headaches when someone does leave.

4. Prevent large-scale damage. If you are an Internet service provider, or a telecom company, every minute of your service unavailability costs a lot of money; maybe not so much in other industries, but again it does cost money. So basically, the implementation of your business continuity is a kind of insurance policy – it will enable you to prevent some of the incidents, while for others you will be able to recover more quickly. And by doing this, you can save quite a lot of money.

Choose the applicable benefits and stick with them.

I’m not saying all four of these will be applicable to your organization, but you have to pick at least two that are really relevant to your organization. And you have to consult with your colleagues in the company (the best would be from the business side of the organization, and in corporate functions), because you ultimately have to figure out which of these benefits are the most interesting to your top management, and which ones support your company’s strategy.

Once you have this focus on what business continuity can do for your business, you’ll find your job of obtaining the approval much easier. Of course, you still have to figure out how to present the whole case to your management, but that will be the topic of some other blog post…

This article is an excerpt from the book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation. Click here to see what’s included in the book…

If you enjoyed this article, subscribe for updates

Improve your knowledge with our free resources on ISO 27001/ISO 22301 standards.

100% privacy respected. Unsubscribe at any time with a single click.

FREE ISO 27001/22301 CONSULTATION
Dejan Kosutic
Lead ISO 27001/22301 Expert, Advisera

GET FREE ADVICE

ISO 27001 & ISO 22301
Free Downloads

 

Documentation Toolkit

ISO 22301 Documentation Toolkit

See Details

Upcoming free webinar
ISO 27001 implementation: How to make it easier using ISO 9001
Wednesday - October 25, 2017

OUR CLIENTS

OUR PARTNERS

  • Exemplar Global (formerly RABQSA) is leading international authority in certification of training providers.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.
Request callback
Request callback

Or call us directly

International calls
+1 (646) 759 9933