Standards

Information and Advice on Standards

Better, Safer Business Travel - BS ISO 31030 Travel Risk Guidance

SEPTEMBER 2021


Almost perfect timing for BS ISO 31030:2021 Guidance for organizations 

It has taken nearly ten years for an idea shared at a British Standards meeting in London to grow and develop into a full International Standard. The story of how the standard emerged is a great example of how industry professionals can work together to share experience and build solutions that can help address serious issues. The new guidance from ISO and the BSI sets a new standard for travel risk management that will help organizations of all types get back to work and build business travel confidence.   

ISO 31030 helps build back confidence in Business Travel

Modern business takes our people all over the world, but for some the experience of the jet set lifestyle can quickly transform into a nightmare if things go wrong. A serious illness, traffic accident, mugging or theft can quickly throw a business traveller’s plans into chaos and expose them and their employer to even greater risks and potential harm. Yet for most business travellers and their employers these risks are rarely thought through, and this leaves many struggling to cope when the inevitable happens. This happens to hundreds of thousands of people each year, but it doesn’t have to be this way, and in a post-COVID world we must do more to minimise travel risk of all types.


New ISO Travel Risk Management Standard - ISO 31030:2021

 

SEPTEMBER 2021


ISO Publication date confirmed 

ISO Travel Risk Standard helps manage Duty of Care

For the past three years work has been underway to develop new guidance to help organizations meet their Duty of Care for travellers. National Standards Bodies from more than 60 countries have been working with the ISO technical committee for Risk Management (TC262) to agree a good practice framework that helps keep people safer and provides evidence that the organization is meeting its legal duties.

The Continuity Forum has been directly engaged in the work on the guidance at the national and international levels, as well as developing active sector engagement through our Policy Working Group (PWG).  

Compliance Management | ISO 19600 review and survey

ISO - International Standards Organization
The ISO Technical Committee for ISO 19600 relating to Compliance Management is preparing to discuss whether a revision of this standard should take place and, if so, how it can be improved.
 
To support this review a survey has been developed to gain feedback from both users and non-users of the standard looking at compliance management. You can help contribute to the decision making process by providing feedback and opinion by following the link below:
 
 
The scope of ISO 19600
 
The International Standard ISO 19600:2014 Compliance management systems – Guidelines was published in 2014 as a Management System Standard. The standard does not specify requirements, but provides guidance on compliance management systems and recommended practices.

ISO 19600 can be used by numerous standards covering Risk, Information Technology, Business Continuity and Resilience Management, to name just a few. The guidance it provides is intended to be adaptable, and the use of this guidance can differ depending on the size and level of maturity of an organization’s compliance management system and on the context, nature and complexity of the organization’s activities, including its compliance policy and objectives.

You do not need to be a user of ISO standards either, as the flexibility provided through the guidance can help with other processes or management systems. ISO 19600:2014 is based on the principles of good governance, proportionality, transparency and sustainability.
 
The deadline for completing the survey is Monday 16th April 2018.
 

Major new British Standard for Cyber Risk and Resilience [Consultation]

BSI Cyber Risk and Resilience Standards BS 31111

A major new British Standard [BS 31111] is in development to help senior executives and risk managers improve their cyber risk management and build the cyber resilience of their organizations.

Over the past year, the BSI Risk Management Committee has been working on developing new guidance that aims to help top executives better understand and manage the technology risks to their organizations.  

The Business Continuity role in adapting to climate change

Environment Agency - Climate Adaptation

Last winter heavy rain, storm force winds and large waves combined with high spring tides presented England with unprecedented flooding from the sea, rivers, groundwater and surface water.

Thousands of properties were flooded, infrastructure was damaged and tragically, eight people lost their lives. The full impact of these events has not yet been calculated but we do know that 175,000 businesses in England are at risk of flooding [note1].  

Government sets the bar for Cyber Risk with Cyber Essentials

Department of Business, Innovation & Skills Minister, Right Hon David Willetts MP, has announced the certification framework for Cyber Essentials, the government's new initiative aimed at creating a minimum expected capability for cyber security.

HMG announces Cyber Essentials Scheme

 

 

As part of the UK government's long-term strategy to address the increasing threats around cyber risk HMG has announced its Cyber Essentials Scheme.

Department for Business, Innovation & Skills

The scheme identifies and focuses on five principal areas that businesses of all types and sizes must consider as "the essential" foundation of their cyber security.

Introducing Standards

This is a short introduction to the world of Standards outlining how they are developed. 

A standard is a document defining best practice, established by consensus and approved by a recognized body (such as BSI, ANSI or ISO). Each standard is kept current through a process of maintenance and review whereby it is updated, revised or withdrawn as necessary.

Major new risk and sustainability guidance published

 

International consensus agrees that the global economy must evolve at scale and pace to address a myriad of issues rooted in climate risks and threats to the sustainability of wider society.
 
Risk & Sustainability | 2023 provides significant guidance for those working in the fields of Risk, Resilience and Sustainability.  It aims to create change across organizations of all types to help deliver effective climate adaptation and sustainability objectives.   The guidance uses a risk-centric approach, based on the principles and framework of ISO 31000, along with other international standards and industry good practice. 

Revision of ISO 31000 Risk Management Guidelines - Draft available

 
International Standard Risk Management ISO 31000 Draft Review

ISO 31000, the international standard for Risk Management - ‘Risk Management – Principles and Guidelines’ - is now available for public consultation.
 
The decision to review ISO 31000 was taken in Chicago in 2013 and now, 4 years later, a draft version of the proposed updates to the ISO 31000 document is available for users to see.
 
The next steps will be a review of the comments submitted that will modify the text further and then a ballot by ISO members to move to the final publication.  The next ISO meeting is being held in San Francisco in July 2017 and this suggests publication of the revised risk management standard perhaps early in 2018. 
 
The draft of the standard for review and comment is now available on the BSI Draft Review system at https://standardsdevelopment.bsigroup.com/projects/76477a8f8de94a1e1d5c675e02973077. [registration required - Closing date for comments 11th April 2017] 
 
 

Supply Chain Continuity using new ISO 22318 Guidelines

New guidance from ISO and the BSI to help companies build resilience and continuity in their supply chains

PD ISO/TS 22318:2015 - Overview of new ISO Supply Chain Continuity Guidance

An Introduction by Lead author Duncan Ford MBCI

BSI has just published the UK edition of the recently released ISO Technical Specification 22318 Guidelines for Supply Chain Continuity. The title describes where this document fits in with the established BCM standards 22301 and 22313. A technical specification is not a full standard; its purpose is to amplify, not undermine, the established standards.

Every organisation has a supply chain which may range from the purchase of basic resources to complex outsourcing arrangements for the delivery of a core service including both external suppliers and internal support such as the provision of IT services.  Each of these arrangements presents a risk to the organisation if it is unavailable, which needs to be properly understood and appropriate contingency measures put in place to protect against disruption of that product supply or service. 22318 provides guidelines on how to manage Supply Chain Continuity challenges.

The scope of this Technical Specification was deliberately constrained. It considers specifically the issues faced by an organisation which needs continuity of supply of products or services to protect its business activities and the continuity strategies for current suppliers which can be used to mitigate the impact of disruption.

The approach is broken into five stages which align with the requirements of BS/ISO 22301 which ensures that Supply Chain Continuity Management (SCCM) can be managed within an established BCM programme:

- Policy and strategy which considers the requirement for supply chain continuity and the parameters each organisation should define to frame its approach to SCCM.

- Analysis of the supply chain which draws upon the organisation’s BIA to identify critical activities or processes and focusses on identifying the particular risks and impacts to these processes arising from disruption in the associated supply chain.

- Consideration of appropriate and achievable Supply Chain Continuity strategies which can help to mitigate the emerging risks and identify an approach to manage disruption.

- Planning to manage a supply chain disruption event and the requirement to integrate this with BC plans.

- Ongoing performance management to maintain an appropriate level of continuity management within the supply chain and deliver continuous improvement.

Effective SCCM generates its own challenges for an organisation: it may impact procurement strategies, as continuity requirements may be contrary to strategies of minimising supply chain cost. The process of analysis should bring a focus onto the pressure points, for example where a critical process is dependent on a single supplier, and allow the associated risk to the organisation to be recognised and managed.

A key approach is to encourage openness between an organisation and its critical suppliers delivering better understanding of each other’s priorities and risks and integrated continuity planning. This leads to continuous improvement and reducing risk.

SCCM is relevant to organisations of every size and type; TS 22318 focusses on a key aspect of managing the risks in the supply chain.

As an ISO document it is available as a reference to support global supply arrangements, helping the purchaser to define its continuity requirements to be included in contracts, monitor suppliers’ continuity provisions and be prepared to manage the impacts of disruption. The hope of the project team who worked on this document, supported by the contributions from many global standards organisations, is that PD ISO/TS 22318 takes another step towards improved global continuity and resilience.

Visit the BSI shop to get your copy of BS/ISO 22318

About the Author

 

Duncan Ford led the development for ISO TS 22318. He is a partner in Corpress LLP, a consultancy working in the areas of risk, response and resilience, including supply chain analysis.

For more information visit: www.corpress.uk

 

Continuity and Resilience Conference | London | EC2 | 16th Sept

Closed 
The BSI in partnership with the NFPA, City of London, and ISO is holding a free conference on “Continuity and Resilience” at the Guildhall, London, on 16th Sept. 
Topics include BCM certification vs alignment; BIA; supply chain continuity; human aspects of continuity;  crisis management; city resilience; and cyber resilience.  
Everyone is welcome and encouraged to contribute to the discussions.  
Lunch is provided.  
For further information please contact david.adamson@bsigroup.com with your details and organization.

| Time | Session |
| --- | --- |
| 09.00am | Registration |
| 10:00-10:10 | Chairman’s opening: Rick Cudworth, Partner, Deloitte. Welcome from City of London and BSI |
| | Morning Session – Continuity |
| 10:10-10:25 | Business Continuity Management - Overview: Ken Willette, Division Manager, Public Fire Protection Division, National Fire Protection Association |
| 10:25-10:40 | Business Impact Analysis: Ian Charters, Continuity Systems, Ltd |
| 10:40-10:55 | Human Aspects of Continuity Management: Lynne Donaldson, HR & Crisis Consultant, Corpress LLP |
| 10:55-11:10 | ISO 22301 Certification or Alignment?: John Sharp, Managing Director, Kiln House Associates Ltd |
| 11:10-11:25 | BCM for SMEs: Eric Bekaert, Senior Policy Advisor in Crisis Management, Service of the High Official for Defense and Security – Ministries of Economy and Finance |
| 11:25-11:45 | Morning Networking Tea & Coffee break |
| | Extended Networking Session and Lunch |
| 13:30-13:50 | Cyber Risk and Resilience: Russell Price, Chair, Continuity Forum; Simon Guilderson, Senior Director, Alvarez & Marsal |
| 13:50-14:10 | City Resilience: Speaker Dr. Robert MacFarlane, Assistant Director, UK Resilience Training and Doctrine, Cabinet Office, Civil Contingencies Secretariat |
| 14:10-14:30 | Guidance on organizational resilience – focus on ISO 22316 – Organizational Resilience: James Crask, Enterprise Resilience, PwC |
| 14:30-14:45 | Afternoon Networking Tea & Coffee break |
| 14:45-15:45 | ISO Panel discussion: The panel will comprise ISO TC 292 Work Group 2 members who will consider key topics highlighted by conference participants |
| 15:45-16:15 | Chairman’s summary: Rick Cudworth, Partner, Deloitte |
| 16:15 | Event closes |

 


 


BS 12999 | Draft For Comment | Damage management

BSI Standards development

The BSI has been working to produce standardised Guidance for Damage Management that outlines the processes followed to facilitate the reinstatement and future integrity of affected public, commercial or domestic property, contents, facilities and assets, in the event of an incident or peril that causes damage. The consultation closes at the end of April 2015.

This code of practice, called BS 12999, builds on the already recognized BDMA Standards and connects and supports other standards covering Business Continuity and Recovery Management.

PAS 7000 EVENT Briefing | Managing and mitigating supply chain risk

PAS 7000 Launch: Breakfast Briefing

New Supply Chain Standard to Uncover and Mitigate Supply Chain Risks

Tuesday 4 November 2014 (Free)

VENUE: Central London

TIME: 8.30am to 10.30am (registration starts at 8.00am)

Business Continuity Forum creating Resilience and security

Creating Continuity... Building Resilience...