Scribd
Upload
7 views

ISO_22301_Gap_Analysis_service_description_US

IT Governance USA offers an ISO 22301 Gap Analysis service to assess an organization's compliance with the ISO 22301 standard for business continuity management systems. The service includes an initial assessment of existing policies and procedures followed by a detailed report highlighting compliance gaps and providing an action plan. This service is designed for organizations with up to 250 employees and includes options for payment and consultancy support.

Uploaded by

achbanipro
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
7 views

ISO_22301_Gap_Analysis_service_description_US

IT Governance USA offers an ISO 22301 Gap Analysis service to assess an organization's compliance with the ISO 22301 standard for business continuity management systems. The service includes an initial assessment of existing policies and procedures followed by a detailed report highlighting compliance gaps and providing an action plan. This service is designed for organizations with up to 250 employees and includes options for payment and consultancy support.

Uploaded by

achbanipro
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

IT Governance

ISO 22301 Gap Analysis


Service Description

Protect ● Comply ● Thrive


Get a true picture of your ISO 22301 compliance posture

IT Governance USA’s ISO 22301 Gap Analysis service provides an informed


assessment of your organization’s current level of compliance with ISO 22301 –
the international standard describing best practice for a business continuity
management system (BCMS).

Why conduct an ISO 22301 gap analysis?

An ISO 22301 gap analysis will enable you to:


• Clarify the scope of your BCMS
• Identify and prioritize key areas for improvement
• Set informed and realistic project expectations tailored to your
organization
• Get the detailed and customized information you need to develop a strong
business case for implementing an ISO 22301-compliant BCMS

Service description

There are two key phases to the ISO 22301 Gap Analysis service: an initial
assessment of any existing business continuity policies and procedures, followed
by a report collating the findings.

Phase 1: Assessment

You will be assigned a business continuity consultant who will assess your
organization’s continuity policies and procedures against ISO 22301’s
requirements. Key elements of the assessment may involve:
• A review of the key continuity policies and procedures
• An inspection of the operation of key processes, systems, and
documentation
• Interviews with key staff, covering existing processes and procedures and
initiatives currently underway, and comparing these to the following ISO
22301requirements:

Clause Component

Understanding of the organization and its context


4 Context of the Understanding the needs and expectations of interested
organization parties

Determining the scope of the BCMS

Establishing and maintaining the BCMS

Leadership and commitment


5 Leadership Management commitment

Policy

Organizational roles, responsibilities, and authorities

© IT Governance USA 2018 Service Description Template


6 Planning Actions to address risks and opportunities

Business continuity objectives and plans to achieve


them

Resources

Competence
7 Support
Awareness

Communication

Documented information

Operational planning and control

Business impact analysis and risk assessment


8 Operation
Business continuity strategy

Establish and implement business continuity procedures

Exercising and testing

9 Performance Monitoring, measurement, analysis, and evaluation


evaluation Internal audit

Management review

10 Improvement Nonconformity and corrective action

Continual improvement

Phase 2: Report

The ISO 22301 gap analysis report collates the findings of the gap analysis and
details the extent to which your organization complies with the Standard’s
requirements.

The report will include:


• An analysis of the overall state and maturity of your business continuity
arrangements
• Specific details of the gaps between your current business continuity
arrangements and ISO 22301’s requirements
• Options for the scope of an effective ISO 22301-compliant BCMS, and how
these options help to meet your business and strategic objectives
• An action plan that outlines the level of internal management effort
required to implement and maintain an ISO 22301-compliant BCMS
• A clause-by-clause compliance status report (red/amber/green) against
the requirements of ISO 22301:2012

© IT Governance USA 2018 Service Description Template


Eligibility

This service has been designed for organizations with up to 250 employees and
that have all key personnel based at a single site. This service can be delivered
to organizations in any sector or industry.

If your organization falls outside the eligibility criteria, IT Governance offers


bespoke services that can be tailored to suit your needs. Please contact us for
more information.

Resource requirements

To ensure your project can proceed according to schedule and fulfill its
objectives, you will be asked to provide essential information on documents and
procedures in relation to any current BCMS arrangements.

These requests should be treated with the appropriate priority to carry out the
gap analysis service effectively and according to schedule. These requests will be
managed to minimize disruption as much as possible.

You will also need to appoint an internal project coordinator to organize any
meetings with the consultant and ensure all the required information is provided
on time, and tasks and actions allocated to your staff are carried out as agreed.

Consultancy fee
We will invoice you for your project on signature. There are two payment
options: you may choose to pay the full amount over two installments (including
a 10% fee) or you can save 10% by paying the advertised standard fee.

For the installment option, the first invoice will be issued upon signature, while
the second invoice will be raised one month later. Payment is due within 28 days
of invoice date.

The price excludes any additional expenses such as travel, accommodation and
sustenance if needed.

Why choose IT Governance?


• Our consultants have extensive experience implementing ISO 22301-
compliant BCMSs.
• You are guaranteed successful certification.
• We have a proven and pragmatic approach to assessing compliance with
international standards, no matter the size or nature of the organization.
• Our pricing proposals are completely transparent, so you will not get any
surprises.

© IT Governance USA 2018 Service Description Template


• You will receive expert advice and guidance from our consultant from the
outset to help you develop a business case, allowing you to secure the
necessary leadership commitment and resources.

Contact us now for an obligation-free quote

Email: [email protected]
Call us: +1 877 317 3454
Request a call back: Contact us now

© IT Governance USA 2018 Service Description Template

You might also like