Business Continuity Management System. ISO 22301.
4.4 (1,309 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
3,995 students enrolled

Business Continuity Management System. ISO 22301.

Prepare and respond to disruptive events. Continue operation. That's business continuity.
4.4 (1,309 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
3,999 students enrolled
Last updated 4/2020
English, Polish [Auto-generated]
Current price: $37.99 Original price: $54.99 Discount: 31% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 2 hours on-demand video
  • 31 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • What is a business continuity management system
  • What are the requirements of ISO 22301:2019
  • Key tools for business continuity like the business impact analysis or the risk assessment
  • What is a business continuity strategy and what it should include
  • Concepts like the MTPD, RTO, RPO, MBCO
  • How a business continuity management system can be implemented
  • No specific prior knowledge required.
  • Familiarity with management systems is helpful.
  • General knowledge on business continuity and disaster recovery is helpful.

The course discusses the concept of business continuity and the requirements of ISO 22301:2019 - the international standard that defines the requirements for a Business Continuity Management System (BCMS).

The course follows the structure of the standard covering the following requirements:

- Context of the organization - internal and external issues that affect the organization, the needs and expectations of interested parties and the scope of the business continuity management system

- Leadership - top management commitment for business continuity, business continuity policy, roles, responsibilities and authorities

- Planning - Actions to address risks and opportunities, business continuity objectives and the planning of changes

- Support - Resources, competence and awareness, communication and documented information

- Operation - Business impact analysis, risk assessment, business continuity strategies and solutions, business continuity plans and procedures, warning and communication, the incident response structure, the exercise programme and the evaluation of business continuity documentation and capabilities

- Performance evaluation - Monitoring and measurement, analysis and evaluation, the internal audit of the BCMS, management review

- Improvement - Nonconformity and corrective action; continual improvement.

The information is valuable to any professional involved in business continuity and disaster recovery related activities.

After going through the lessons here you will have a clear image of how a business continuity management system (BCMS) should be shaped, what are it's main elements, what documents should exist and how they should be implemented.

The information in the course is valuable for professionals who want to participate in business continuity auditing - of suppliers, partners or for certification purposes.

If you are looking to become a certified business continuity professional then the information in this course will be of great help.

If your organization intends to become certified to ISO 22301:2019 and you have responsibilities for the BCMS then I am sure you will find a lot of support in this course.

Who this course is for:
  • Business continuity managers
  • Business continuity engineers
  • Risk specialists
  • Business continuity consultants
  • Management system auditors
  • Business owners
  • People involved in business continuity and disaster recovery related activities
Course content
Expand all 33 lectures 02:11:19
+ General aspects
4 lectures 13:39

What is the purpose of business continuity. General information about business continuity as a concept.

Preview 03:26

About the ISO 22301 and other related standards. The structure of ISO 22301:2019.

ISO 22301 and related standards

What is a management system. General information about the business continuity management system.

Preview 03:15
+ Context of the organization
3 lectures 12:05

Examples of internal and external issues that are relevant to the organization.

Understanding the organization and it's context

Who are the interested parties (stakeholders). Examples of needs and expectations.

Needs and expectations of interested parties

What is the scope of the BCMS. How the organization can decide the scope of its business continuity management system

The scope of the Business Continuity Management System (BCMS)
+ Leadership
3 lectures 10:14

The top management shall demonstrate leadership and commitment with regards to the BCMS. How to do that.

Leadership and commitment

What should the business continuity policy include. What are the requirements with regards to the communication and availability of the policy.

The business continuity policy

The persons responsible for managing the BCMS. What are their responsibilities and authorities.

Roles, responsibilities and authorities
+ Planning
3 lectures 10:09

Risks and opportunities related to the BCMS. Examples of risks and opportunities and the process for their identification and treatment.

Preview 04:37

There shall be business continuity objectives. The organization is required to monitor the achievement of its objectives. Examples of business continuity objectives and plans for their achievement.

Business continuity objectives and planning to achieve them

The organization shall control the changes to its business continuity arrangements so that negative impacts are avoided or mitigated.

Planning changes to the Business Continuity Management System
+ Support
5 lectures 18:53

The resources needed for the BCMS. Who should provide the resources.


The process for ensuring competency. Actions to address the gap between existing and required competence.


The importance of awareness for business continuity. What should an awareness program include.


Internal and external communications relevant for the BCMS.


The documentation that supports the Business Continuity Management System. Types of documents. Controls for documented information.

Documented information
+ Operation
8 lectures 44:08

How the business impact analysis can be performed. What impacts can be considered. Concepts like MTPD (Maximum Tolerable Period of Disruption), RTO (Recovery Time Objective), MBCO (Minimum Business Continuity Objective) or RPO (Recovery Point Objective).

The Business Impact Analysis (BIA)

The process to identify, analyze, assess and treat risks that can lead to disruptions. Aspects to consider in the risk assessment process and details as to how the risk assessment can be performed.

The risk assessment

Using the information from the business impact analysis and the risk assessment the organization shall articulate its business continuity strategies and solutions. What elements should normally include a business continuity strategy.

Business continuity strategies and solutions

An incident response structure shall be formally appointed. Who should be part of the incident response structure and what are the responsibilities of this structure

The incident response structure

Communication is very important in case of a disruption. What and with whom the organization should communicate.

Warning and communication

The organization shall document and maintain business continuity plans and procedures. Those document detail how the organization will respond to a disruption and how activities are to be resumed. What should be included in a business continuity plan.

Business continuity plans and procedures

The business continuity arrangements shall be tested periodically. The organization shall develop and implement an exercise programme. Different types of exercises that can be performed.

Exercise programme

The business impact analysis, the risk assessment, business continuity strategies and solutions, plans and procedures shall be evaluated periodically

Evaluation of business continuity documentation and capabilities
+ Performance evaluation
3 lectures 11:07

The organization is required to monitor and measure its BCMS. The data generated from monitoring and measuring shall be analyzed and evaluated. Examples of key performance indicators for the BCMS.

Monitoring, measurement, analysis and evaluation

The BCMS shall be audited internally at planned intervals. About the internal audit programme, the auditors and the documents generated from the internal audit process.

Internal audit

The top management of the organization is required to review periodically the BCMS to ensure that it remains suitable, adequate and effective. About the input elements to the management review and about what should be the outcomes of the reviews.

Management review
+ Improvement
2 lectures 05:37

Nonconformities are addressed by implementing corrections and corrective actions. Definitions and examples.

Nonconformity and corrective action

The organization shall continually improve its the suitability, adequacy and effectiveness of its Business continuity management systems.

Continual improvement
+ Final words
2 lectures 05:27

How an organization can obtain and maintain the certification to ISO 22301:2019. The migration from the 2012 version of ISO 22301 to the 2019 version.

Certification of persons as business continuity professionals.

Preview 03:09

Test your knowledge on ISO 22301 requirements

Business Continuity Quiz - ISO 22301
7 questions