ISO 22313

ISO 22313:2020, Security and resilience - Business continuity management systems – Guidance to the use of ISO 22301, is an international standard developed by technical committee ISO/TC 292 Security and resilience. This document provides guidance for applying the requirements for a business continuity management system (BCMS) in accordance with the requirements set out in ISO 22301:2019.

The aim of ISO 22313 is to explain and clarify the meaning and purpose of the requirements stated in ISO 22301. While this standard does not restate the requirements included in ISO 22301, its structure mirrors that of ISO 22301.

The second edition of ISO 22313 published in 2020, cancels and replaces the first edition, ISO 22313:2012, which has been withdrawn.

Scope and contents
ISO 22313 has adopted the new format for writing management system standards described in Annex SL and it includes the following ten main clauses:
 * 1) Scope
 * 2) Normative references
 * 3) Terms and definitions
 * 4) Context
 * 5) Leadership
 * 6) Planning
 * 7) Support
 * 8) Operation
 * 9) Performance evaluation
 * 10) Improvement

Related standards
ISO 22313 is part of a series of ISO standards and Technical Specifications on Business continuity management, including
 * ISO 22301:2019 Security and resilience – Business continuity management systems – Requirements
 * ISO/TS 22317:2021 Security and resilience – Business continuity management systems – Guidelines for business impact analysis
 * ISO/TS 22318:2021 Security and resilience – Business continuity management systems – Guidelines for supply chain continuity
 * ISO/TS 22330:2018 Security and resilience – Business continuity management systems – Guidelines for people aspects on business continuity
 * ISO/TS 22331:2018 Security and resilience – Business continuity management systems – Guidelines for business continuity strategy
 * ISO/TS 22332:2021 Security and resilience – Business continuity management systems – Guidelines for developing business continuity plans and procedures
 * ISO/IEC/TS 17021-6:2015 Conformity assessment – Requirements for bodies providing audit and certification of management systems – Part 6: Competence requirements for auditing and certification of business continuity management systems

History
This standard was originally developed by ISO technical committee ISO/TC 223 on societal security and published for the first time in 2012. ISO/TC 292 Security and resilience took over the responsibility of the work when ISO/TC 223 was dissolved and initiated a revision of the standard.