top of page

Business Impact Analysis | ISO 22317

Crisis Management - Training Course


Imagine your organization goes through an event that causes irreparable damage and you discover that the situation could have been avoided or addressed better. Many times, organizations may prevent a crisis by managing small situations and incidents in a timely manner.


They can also mitigate the effects of a crisis, even if its occurrence could not be stopped. This can be done by implementing processes and procedures for preventing, preparing for, and responding to a crisis, which constitutes crisis management. 


A crisis is an abnormal event that threatens the continuity of an organization’s operations and may even lead to its collapse. These events may have natural causes or may be man-made, e.g., natural disasters, environmental issues, terrorism, cybersecurity breaches, and employee misconduct.


A crisis can occur abruptly or may emerge from small incidents that have not been addressed or have been managed inappropriately. By improving their crisis management capability, not only can organizations prepare for and prevent crises, but they can also manage crises more effectively and learn from them by identifying opportunities for improvement.


What is ISO 22361?


The ISO 22361 standard provides guidance for organizations to develop, establish, maintain, monitor, and continually improve a strategic crisis management capability. In addition, it outlines principles and practices needed to identify and manage a crisis. 

ISO 22361 recommends that organizations adopt a structured approach to crisis management by establishing a framework for crisis management based on leadership, structure, culture, and competence, and adhering to principles for crisis management: governance, strategy, risk, decision-making, communication, ethics, and learning. 


Moreover, the standard describes the crisis management process, which consists of seven steps: anticipation, assessment, prevention and mitigation, preparedness, response, recovery, and continual improvement. 


ISO 22361 guidelines can be helpful in identifying and managing for any organization, regardless of their type, size, or industry. The standard is especially intended for organizations’ top management, who have strategic responsibilities for establishing and improving a crisis management capability, and those who work under the control of the top management.


ISO/TS 22317 (BIA) Foundation


Why should you take this course?


Business Impact Analysis (BIA) is essential for building a Business Continuity Management program across the organization. All companies are exposed to incidents or unintended events that can have various negative consequences, including productivity paralysis, economic losses, bad corporate reputation or loss of sensitive and confidential data.


To minimize these risks in case they materialize, the organization needs to identify the most obvious threats and the impact they would have in the organization. ISO/TS 22317 Foundation training enables you to learn the basic elements necessary to perform a Business Impact Analysis (BIA) process.


During this training course, you will be able to learn and understand the BIA model, including the methodology, tools, and approaches used to complete an in-depth Business Impact Analysis.


After completing this course, you can sit for the exam and apply for the “PECB Certificate Holder in ISO/TS 22317 Foundation” certificate. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.


Who is this course for?


  • Individuals involved in Business Continuity Management

  • Individuals seeking to gain knowledge about the main processes of Business Impact Analysis (BIA)

  • Individuals interested to pursue a career in Business Continuity Management


Learning objectives


  • Understand the elements and components of a Business Impact Analysis (BIA) process

  • Acknowledge the correlation between ISO/TS 22317, ISO 22301 and other standards and regulatory frameworks

  • Understand the approaches, methods and techniques used to perform a Business Impact Analysis process


Educational approach


  • Lecture sessions are illustrated with practical questions and examples

  • Practical exercises include examples and discussions

  • Practice tests are similar to the Certificate Exam


Course agenda


  • Day 1: Introduction to ISO/TS 22317 and overview of Business Impact Analysis


  • Day 2: Performance, process monitoring and review of Business Impact Analysis and Certificate Exam


Examination


  • The exam fully meets the requirements of the PECB Examination and Certificate Programme. It covers the following competency domains:


    Domain 1: Fundamental principles and concepts of a Business Impact Analysis (BIA)


    Domain 2: BIA tools and techniques


    Domain 3: Role of the BIA in the Business Continuity Management lifecycle


Why is crisis management important for you?


How an organization responds to a crisis is very important as it affects its existence and reputation. Crisis management enables organizations to implement effective standardized procedures for identifying and assessing potential crises. This enables organizations to establish procedures for preventing crises. When preventing is not possible, crisis management will also enable organizations to successfully prepare for, respond to, and recover from a crisis. 


Preparing for crises includes developing a crisis management plan, which will direct crisis management and enable the organization to prepare its response procedures. Crisis response management procedures enable organizations to make sound decisions within time constraints and conduct initial impact assessments in order to mitigate the negative consequences of a crisis. Whereas, crisis recovery helps organizations regain their reputation, develop adequate strategies to return to normal operations, and adapt to potential changes arising from a crisis.


A significant factor that impacts crisis management is the establishment of effective communication channels and development of a communication plan. Nowadays, news can travel very fast through online platforms. Hence, it is important that organizations communicate with relevant stakeholders regularly and not withhold information that is relevant to employees, customers, and other interested parties. If not managed appropriately, ineffective communication may lead to irreparable damage to the organization’s reputation and, eventually, to its demise. 


Lastly, crisis management includes exercises and evaluation as part of continual improvement. Exercises enhance employee competence by preparing them to respond to a crisis effectively. In addition, by evaluating the employees’ performance while doing the exercises, the organization can identify opportunities for improving its crisis management capability.


Benefits of ISO 22361


Organizations that establish a crisis management capability based on the ISO 22361 guidelines will be able to:


  • Maintain, monitor, and improve their crisis management capability 


  • Ensure the commitment of leadership to crisis management


  • Facilitate strategic decision-making before, during, and after a crisis 


  • Establish effective internal and external communication channels that are beneficial in times of crisis


  • Improve organizational resilience 


  • Establish, foster, and promote safety culture



 To find out more about this course, to chat with us about it or to book please click here to contact us and we'll get back to you right away. 

bottom of page