ISO 22301 is an international business continuity management systems (BCMS) standard. The standard guides organization's planning, developing, implementing, operating, monitoring, reviewing, maintaining, and improving their BCMS. Clause 7.1 of ISO 22301 is the Resources clause, which outlines the requirements for organizations to ensure they have the resources necessary to maintain their BCMS.
This clause requires organizations to identify and provide the resources to develop, implement, maintain, and improve their BCMS. This includes the resources to support the organization’s risk management and business continuity activities. The Resources clause also requires organizations to ensure sufficient resources are available during a disruption or emergency.
Definition of Resource
A resource is anything required to operate a business process or activity. Resources may include people, money, facilities, materials, information, or other assets depending on the context. In ISO 22301, clause 7.1 defines a resource as "anything required for the operation of a business process or activity." This broad definition includes people, money, facilities, materials, information, and other assets. The term "resource" is also used in other ISO management system standards, such as ISO 9001 (quality management) and ISO 14001 (environmental management).
Types of Resources
The type of resources required for an activity described in ISO 22301 clause 7.1 are:
- People: individuals' competence, knowledge and skills are necessary for the successful execution of many activities.
- Equipment: tools, machines, vehicles and other physical resources required for an activity.
- Information: this includes data, records, documents, manuals and other documented information required for the successful execution of many activities.
- Materials: the raw materials, packaging, parts, consumables and other supplies required for an activity.
- Facilities: the buildings, land, plant and other physical infrastructure required for an activity.
- Services: the external services required for the successful execution of many activities.
This is an essential list to consider when planning the resources required for an activity, as it ensures that all necessary elements are considered.
How to Understand the Resources
Organizations must decide to manage the risks associated with business continuity. Part of these arrangements is having the right resources to deal with an incident. A critical standard that sets out requirements for these arrangements is ISO 22301, Societal Security – Business continuity management systems – Requirements. This article looks at the requirements for resources in ISO 22301 clause 7.1. It guides understanding the needs, so you can make arrangements to ensure your organization has the right resources to deal with an incident.
What are the Benefits of Resources?
Organizations must have adequate resources to meet their objectives and respond to emergencies. Resources include people, information, equipment, facilities, and supplies.
To determine what resources are required, organizations need to consider the types of emergencies that could occur, the risks that have been identified, and the objectives that have been established. Organizations should also consider how they acquire, maintain, and store the needed resources.
The benefits of having adequate resources in ISO 22301 clause 7.1 are that it helps ensure an organization can meet its objectives and respond to emergencies effectively. It also helps to ensure that resources are available when they are needed and that they are used efficiently.
How to Get Started with Resources?
Developing a plan is the first step in creating a business continuity management system (BCMS). This plan will serve as a roadmap for the development, implementation, and maintenance of your BCMS. To get started, you must gather a team of individuals responsible for different aspects of the plan. This team should include representatives from all levels of the organization, as well as from other departments.
Once you have assembled your team, you must choose a plan development method. There are many different approaches you can take. Still, the most important thing is to ensure that the process is systematic and that it considers your organisation's specific needs. After the plan has been developed, you will need to implement it. This process will involve training, testing, and auditing. Once the project is in place, you must regularly review and update it to ensure it remains effective.
After reading and understanding the requirements of clause 7.1, it is essential to conclude what types of resources are needed to comply with the standard. The conclusion should be based on the specific requirements of the clause, as well as the organization's specific needs. Several different types of resources can be used to comply with clause 7.1 of ISO 22301. These resources can be divided into three broad categories: human, physical, and information.