Preparing for ISO 22301 Certification
The pre-certification readiness checklist — mandatory documented information, BIA and strategy documentation, BCP completeness, exercise records, internal audit completion, management review, and the evidence that Stage 1 auditors specifically review.
Explore Resource
Selecting a Certification Body for ISO 22301
How to evaluate and select an accredited certification body — KAN accreditation requirements for Indonesian organisations, IAF multilateral recognition, multi-standard CB selection, auditor BCM competence, and what to look for in a BCM-specialist auditor.
Explore Resource
Stage 1: Documentation Review
What happens at Stage 1 — the auditor’s review of the BCMS scope, documented information, BIA methodology, BCP structure, and the documentation gaps that most commonly generate Stage 1 findings.
Explore Resource
Stage 2: Implementation Audit
The Stage 2 audit process — what auditors test in a BCMS implementation audit, how business continuity auditing differs from ISO 27001 auditing, how to demonstrate that plans actually work, and what the most consequential audit activities are.
Explore Resource
Common ISO 22301 Audit Findings
The most common nonconformities in ISO 22301 certification audits — from BIA methodology gaps and missing MAO/RTO documentation through inadequate exercise programmes and BCP activation criteria that are never tested — with prevention and remediation guidance.
Explore Resource
Surveillance Audits and Recertification
The 3-year certification cycle for ISO 22301 — annual surveillance audit scope and focus areas, the interim BCM activities that must be evidenced, what triggers additional audits, and the recertification process.
Explore Resource
Integrating ISO 22301 and ISO 27001 Audits
How to run combined ISO 27001 and ISO 22301 internal audits and combined certification audits — shared audit programme, combined audit team, integrated audit report, and the efficiency and coverage benefits of integrated auditing.
Explore Resource