DIN EN ISO 22301-2014 Societal security - Business continuity management systems - Requirements (ISO 22301 2012) German version EN ISO 22301 2014 (Societal security - Business continuity management systems - Requirements (ISO 22301-2012)).pdf

Uploaded by: fuellot230 | Document ID: 682532 | Upload date: 2018-12-28 | Format: PDF | Pages: 32 | Size: 1.54MB
Resource description

December 2014

DIN EN ISO 22301

ICS 03.100.01

Societal security - Business continuity management systems - Requirements (ISO 22301:2012); English version EN ISO 22301:2014, English translation of DIN EN ISO 22301:2014-12

Sicherheit und Schutz des Gemeinwesens - Business Continuity Management System - Anforderungen (ISO 22301:2012); Englische Fassung EN ISO 22301:2014, Englische Übersetzung von DIN EN ISO 22301:2014-12

Sécurité sociétale - Systèmes de management de la continuité d'activité - Exigences (ISO 22301:2012); Version anglaise EN ISO 22301:2014, Traduction anglaise de DIN EN ISO 22301:2014-12

Translation by DIN-Sprachendienst. English price group 15. Document comprises 32 pages.

In case of doubt, the German-language original shall be considered authoritative.

No part of this translation may be reproduced without prior permission of DIN Deutsches Institut für Normung e. V., Berlin. Beuth Verlag GmbH, 10772 Berlin, Germany, has the exclusive right of sale for German Standards (DIN-Normen).

www.din.de
www.beuth.de

A comma is used as the decimal marker.

National foreword

The text of ISO 22301:2012 has been prepared by Technical Committee ISO/TC 223 “Societal Security” and has been taken over without any modification as EN ISO 22301:2012 by Technical Committee CEN/TC 391 “Societal and Citizen Security” (Secretariat: NEN, Netherlands).

The responsible German body involved in its preparation was the DIN-Normenausschuss Feuerwehrwesen (DIN Standards Committee Firefighting and Fire Protection), Working Committee NA 031-05 FBR Fachbereichsausschuss Sicherheit und Schutz des Gemeinwesens SpA zu ISO/TC 223 Societal security.

The following terms have been translated into German taking the technical terms commonly used into consideration and in deviation from the preferred translations:

The English expression “Business impact analysis (BIA)” has only been partly translated into German (the German term “Analyse” is used instead of the English word “analysis”) and the English expression “Business continuity management (BCM)” has been taken over completely, because these terms have become established in German as well.

The term “invocation” (3.2.3) has been literally translated into German as “Aufruf”, although in crisis management the expression “in Kraft setzen” is used.

The term “business continuity” (3.3) has been translated throughout as “Aufrechterhaltung der Betriebsfähigkeit”.

“Incident response” (8.4.2) has been translated as “Reaktion auf einen Zwischenfall”. However, the expression “Einsatz zur Gefahrenabwehr” is also used in practice.

EUROPEAN STANDARD
NORME EUROPÉENNE
EUROPÄISCHE NORM

EN ISO 22301

July 2014

ICS 03.100.01

English Version

Societal security - Business continuity management systems - Requirements (ISO 22301:2012)

Sécurité sociétale - Systèmes de management de la continuité d'activité - Exigences (ISO 22301:2012)

Sicherheit und Schutz des Gemeinwesens - Business Continuity Management System - Anforderungen (ISO 22301:2012)

This European Standard was approved by CEN on 17 July 2014.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.

EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels

© 2014 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN ISO 22301:2014 E

Contents

Foreword
0 Introduction
0.1 General
0.2 The Plan-Do-Check-Act (PDCA) model
0.3 Components of PDCA in this International Standard
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding of the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the business continuity management system
4.4 Business continuity management system
5 Leadership
5.1 Leadership and commitment
5.2 Management commitment
5.3 Policy
5.4 Organizational roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
6.2 Business continuity objectives and plans to achieve them
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
8 Operation
8.1 Operational planning and control
8.2 Business impact analysis and risk assessment
8.3 Business continuity strategy
8.4 Establish and implement business continuity procedures
8.5 Exercising and testing
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review
10 Improvement
10.1 Nonconformity and corrective action
10.2 Continual improvement
Bibliography

Foreword

The text of ISO 22301:2012 has been prepared by Technical Committee ISO/TC 223 “Societal security” of the International Organization for Standardization (ISO) and has been taken over as EN ISO 22301:2014 by Technical Committee CEN/TC 391 “Societal and Citizen Security” the secretariat of which is held by NEN.

This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by January 2015, and conflicting national standards shall be withdrawn at the latest by January 2015.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights.

According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

Endorsement notice

The text of ISO 22301:2012 has been approved by CEN as EN ISO 22301:2014 without any modification.

0 Introduction

0.1 General

This International Standard specifies requirements for setting up and managing an effective Business Continuity Management System (BCMS).

A BCMS emphasizes the importance of understanding the organization's needs and the necessity for establishing business continuity management policy and objectives, implementing and operating controls and measures for managing an organization's overall capability to manage disruptive incidents, monitoring and reviewing the performance and effectiveness of the BCMS, and continual improvement based on objective measurement.

A BCMS, like any other management system, has the following key components:

a) a policy;
b) people with defined responsibilities;
c) management processes relating to
   1) policy,
   2) planning,
   3) implementation and operation,
   4) performance assessment,
   5) management review, and
   6) improvement;
d) documentation providing auditable evidence; and
e) any business continuity management processes relevant to the organization.

Business continuity contributes to a more resilient society. The wider community and the impact of the organization's environment on the organization and therefore other organizations may need to be involved in the recovery process.

0.2 The Plan-Do-Check-Act (PDCA) model

This International Standard applies the “Plan-Do-Check-Act” (PDCA) model to planning, establishing, implementing, operating, monitoring, reviewing, maintaining and continually improving the effectiveness of an organization's BCMS.

This ensures a degree of consistency with other management systems standards, such as ISO 9001, Quality management systems, ISO 14001, Environmental management systems, ISO/IEC 27001, Information security management systems, ISO/IEC 20000-1, Information technology - Service management, and ISO 28000, Specification for security management systems for the supply chain, thereby supporting consistent and integrated implementation and operation with related management systems.

Figure 1 illustrates how a BCMS takes as inputs interested parties, requirements for continuity management and, through the necessary actions and processes, produces continuity outcomes (i.e. managed business continuity) that meet those requirements.

[Figure 1 - PDCA model applied to BCMS processes. Diagram labels: Interested parties / Requirements for business continuity (input); Establish (Plan); Implement and operate (Do); Monitor and review (Check); Maintain and improve (Act); Continual improvement of business continuity management system (BCMS); Interested parties / Managed business continuity (output)]

Table 1 - Explanation of PDCA model

Plan (Establish): Establish business continuity policy, objectives, targets, controls, processes and procedures relevant to improving business continuity in order to deliver results that align with the organization's overall policies and objectives.

Do (Implement and operate): Implement and operate the business continuity policy, controls, processes and procedures.

Check (Monitor and review): Monitor and review performance against business continuity policy and objectives, report the results to management for review, and determine and authorize actions for remediation and improvement.

Act (Maintain and improve): Maintain and improve the BCMS by taking corrective action, based on the results of management review and reappraising the scope of the BCMS and business continuity policy and objectives.

0.3 Components of PDCA in this International Standard

In the Plan-Do-Check-Act model as shown in Table 1, Clause 4 through Clause 10 in this International Standard cover the following components.

Clause 4 is a component of Plan. It introduces requirements necessary to establish the context of the BCMS as it applies to the organization, as well as needs, requirements, and scope.

Clause 5 is a component of Plan. It summarizes the requirements specific to top management's role in the BCMS, and how leadership articulates its expectations to the organization via a policy statement.

Clause 6 is a component of Plan. It describes requirements as it relates to establishing strategic objectives and guiding principles for the BCMS as a whole. The content of Clause 6 differs from establishing risk treatment opportunities stemming from risk assessment, as well as business impact analysis (BIA) derived recovery objectives.

NOTE The business impact analysis and risk assessment process requirements are detailed in Clause 8.

Clause 7 is a component of Plan. It supports BCMS operations as they relate to establishing competence and communication on a recurring/as-needed basis with interested parties, while documenting, controlling, maintaining and retaining required documentation.

Clause 8 is a component of Do. It defines business continuity requirements, determines how to address them and develops the procedures to manage a disruptive incident.

Clause 9 is a component of Check. It summarizes requirements necessary to measure business continuity management performance, BCMS compliance with this International Standard and management's expectations, and seeks feedback from management regarding expectations.

Clause 10 is a component of Act. It identifies and acts on BCMS non-conformance through corrective action.

1 Scope

This International Standard for business continuity management specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.

The requirements specified in this International Standard are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.

It is not the intent of this International Standard to imply uniformity in the structure of a Business Continuity Management System (BCMS), but for an organization to design a BCMS that is appropriate to its needs and that meets its interested parties' requirements. These needs are shaped by legal, regulatory, organizational and industry requirements, the products and services, the processes employed, the size and structure of the organization, and the requirements of its interested parties.

This International Standard is applicable to all types and sizes of organizations that wish to

a) establish, implement, maintain and improve a BCMS,
b) ensure conformity with stated business continuity policy,
c) demonstrate conformity to others,
d) seek certification/registration of its BCMS by an accredited third party certification body, or
e) make a self-determination and self-declaration of conformity with this International Standard.

This International Standard can b
