ISO 22301:2019 Business Continuity Management Systems

About this course

When a cyber attack, supplier collapse, pandemic, or natural disaster hits your organization, the difference between a controlled response and operational chaos is whether someone built a real Business Continuity Management System before the lights went out. ISO 22301:2019 is the international standard that defines what good looks like, and certification to it is now expected by regulators, customers, insurers, and boards across financial services, healthcare, manufacturing, technology, and government. This course gives you a complete, accurate, and practical walkthrough of every clause so you can build, operate, or audit a conforming BCMS with confidence.

You will work through the standard clause by clause, starting with the foundations of business continuity and how ISO 22301 relates to disaster recovery, incident response, crisis management, and organizational resilience. You will master Clause 4 on organizational context and scope, Clause 5 on leadership and policy, and Clause 6 on planning and continuity objectives. You will then dive deep into Clause 7 on resources, competence, awareness, communication, and documented information, before tackling Clause 8 — the operational heart of the standard — covering Business Impact Analysis, risk assessment, strategy selection, plan development, the exercise programme, and capability evaluation. You will finish with Clause 9 on monitoring, internal audit, and management review, Clause 10 on nonconformity and continual improvement, and a full walkthrough of the Stage 1 and Stage 2 certification audit process, surveillance audits, recertification, and integration with ISO 9001, ISO 27001, and other Annex SL standards.

This course is built for business continuity managers, risk and compliance professionals, internal auditors, IT disaster recovery leads, consultants preparing clients for certification, and operations leaders responsible for resilience. No prior ISO certification experience is required, though basic familiarity with corporate governance and risk concepts will help. By the end you will be able to scope a BCMS, run a BIA, conduct a continuity risk assessment, select strategies, write usable plans, design exercises, audit conformity, and lead an organization through certification.

Enroll today and gain the structured, standard-aligned knowledge that turns business continuity from a binder on a shelf into a genuine capability your organization can rely on when the worst day arrives.

What you'll learn

• Navigate every clause of ISO 22301:2019 with fluency and precision
• Design and document a defensible BCMS scope and policy
• Run a Business Impact Analysis that identifies prioritized activities, RTOs, RPOs, and MBCOs
• Conduct a continuity-focused risk assessment aligned to ISO 31000
• Select business continuity strategies and solutions that close real capability gaps
• Write business continuity plans that work under stress, not just on paper
• Design and run an exercise programme that validates the BCMS over time
• Plan and execute internal audits and management reviews that drive improvement
• Prepare for and pass Stage 1, Stage 2, surveillance, and recertification audits
• Integrate ISO 22301 with ISO 9001, ISO 27001, and other Annex SL standards

Course outline

27 on-demand lessons across self-paced modules. Expand each part to see what it covers.