ISO 22301:2019 Business Continuity Management System specifies the requirements to plan, establish, implement, operate, monitor, review, maintain, and continually improve a documented business continuity management system.
Why do business entities need to be qualified for ISO 22301:2019 certification?
This International Standard issued by ISO organization is intended to establish an organizational framework to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.
What is the ISO 22301:2019 certification body?
There are several certification bodies with respect to ISO 22301:2019 where such bodies audit and check the existence and conformity of business continuity management systems in accordance with the requirements set forth in ISO 22301:2019. If the system proves to be compliant, the certification is awarded to the business entity.
It is worth mentioning that International Organization for Standardization prevents the certification body from performing any advisory role for the clients.
What is the role of Baker Tilly Kuwait in assisting business entities with qualifying for ISO 22301:2019 certification?
Baker Tilly performs an advisory role, which will help business entities implement the detailed aspects of ISO 22301:2019 in their operating policies and procedures in connection with business continuity aspects. The such advisory role covers the following:
- Gap analysis.
- Developing Business Continuity management system manuals.
- Supervising the implementation process.
- Internal audits.
- Technical support during the certification process.
It is worth mentioning that Baker Tilly does not award ISO 22301:2019 certification.
Is there instruction by any regulator to regulate entities to obtain ISO 22301:2019 certification?
In the State of Kuwait, Law No. 7 of 2010 concerning the Establishment of Capital Markets Authority and Regulation of Securities Activity was promulgated on 21 February 2010 and its Executive Regulations were issued under Resolution No. 72 of 2015 on 9 November 2015, which address the Business Continuity in Module 6 – Policies and Procedures of Licensed Person, which require the licensed persons to implement the same.
The Business Continuity Management System is an internal control, which supports the corporate governance system explaining the mandatory implementation thereof.
The Business Continuity Management System is implemented by creating an organizational unit or a committee chaired by the CEO or an Assistant CEO with heads of departments as members. A permanent job will be assigned to manage the tasks of such unit or committee and a periodic meeting framework will be established for it.
What is the added value to business entities from obtaining ISO 22301:2019 certification?
- Protect the entity against potential threats to maintaining business continuity.
- Improve the processes and operations and attain competitive advantage.
- Enhance the confidence of all stakeholders in the entity.
- Comply with laws, regulations, resolutions, and instructions issued by the regulators.
What are the services offered by Baker Tilly Kuwait?
Qualify the business entity’s management system to conform to the requirements of ISO 22301:2019
- Cybersecurity Audit
- Cybersecurity Consulting
- IT Internal Audit Service
- SWIFT CSCF Assessment
- Information Technology Processes, Policies and Procedures
- Information Technology Strategy
- Information Technology Governance
- Digital Transformation
- Big Data Management
- Qualifying Business for ISO/IEC 27001:2022 Certification
- Disaster Recovery Plan (DRP)
- Technology Project Management
- Financial Technology (FinTech) Consulting