Similar to other standards, ISO22301 devotes its first three sections to Scope, Normative References and Terms & Definitions. The remaining seven sections are summarised as follows:
• What the organisation does and the potential impact of disruptions
• Relationship with other policies and wider risk management
• Contractual and other requirements
• Who the interested parties are
• Scope of the management system
The standard definitely pushes the boundaries of trust in organisational managers; it is ever so slightly obsessive about repeatedly analysing and documenting what the organisation does. What used to be covered in the ‘understanding ...