Note: Not all pages are shown in this sample.
Terms Used
ISO22301 Gap Assessment Tool - Questionnaire
BCMS = Business Continuity Management System
Business continuity management systems - Requirements
Area
Section
Sub-section
ISO22301 Requirements
ISO22301 requirements met? Action needed to meet requirement
4 Context of the organization 4.1 Understanding the organization and its context
Have the external and internal issues that affect the BCMS been determined? Has the organization identified and documented its activities, products and services and relationships, and the potential impact of a disruptive event on them? Has the context been defined, in terms of objectives, risk criteria and appetite, and the purpose of the BCMS?
Section Total: 4.2 Understanding the needs and expectations of interested parties
4.2.1 General
Have the interested parties and their requirements been identified? Is there a procedure to identify, document and communicate applicable legal and regulatory requirements? Does the BCMS take the applicable legal and regulatory requirements into account?
Section Total: 4.3 Determining the scope of the business continuity 4.3.1 General management system 4.3.2 Scope of the BCMS
Area Total:
Yes
Yes Yes
Yes
3 Has the scope of the BCMS been determined and documented? Have exclusions to the scope been documented and explained?
Section Total:
Section Total:
Yes
3
4.2.2 Legal and regulatory requirements
4.4 Business continuity management system
Yes
Yes Yes
2 Is a BCMS in place and being continually improved?
Yes
1 9
Action owner