Guidelines on boosting commercial resilience in the face of COVID-19

The UK national standards body (BSI) has released new risk and business continuity standards to help firms navigate the effects of the coronavirus pandemic. 

The package provides best practice guidance on how to approach, manage and overcome some of the difficulties that thousands are facing. Themes include security and resilience, supply chain continuity and crisis management. 

BSI is also working with the Emergency Planning College (EPC) - part of the Cabinet Office Civil Contingencies Secretariat - to deliver best practices guidance through a series of webinars.

“COVID-19 has heightened awareness of the importance of being prepared, business continuity and crisis management,” says Scott Steedman, director of standards at BSI. 

“BSI standards contain this expert guidance and we are putting it in the hands of those who need to apply it. We hope that sharing these standards at no cost will help SMEs and organisations across the UK weather the economic crisis that they are facing.”

The suite of eleven risk and business continuity standards are: 

1. BS EN ISO 22301 Security and resilience — Business continuity management systems — Requirements

The standard specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.

2. BS ISO 31000 Risk management — Guidelines

The standard provides guidelines on managing risk faced by organizations. It provides a common approach to managing any type of risk and is not industry or sector specific.

3. PD ISO/TS 22330 Guidelines for people aspects of business continuity

The standard gives guidelines for the planning and development of policies, strategies and procedures for the preparation and management of people affected by an incident.

4. PD ISO/TS 22318 Guidelines for supply chain continuity

The standard gives guidance on methods for understanding and extending the principles of Business Continuity Management embodied in ISO 22301 and ISO 22313 to the management of supplier relationships.

5. BS EN ISO 22313 Security and resilience. Business continuity management systems. Guidance on the use of ISO 22301

The standard gives guidance and recommendations for applying the requirements of the business continuity management system given in ISO 22301.

6. PD CEN/TS 17091 Crisis management: Building a strategic capability

The standard provides guidance on good practice for crisis management to help the strategic decision makers of an organization to plan, implement, establish, operate, monitor, review, maintain and continually improve a crisis management capability. 

7. ISO 22316 Security and resilience. Organizational resilience. Principles and attributes.

The standard provides guidance to enhance organizational resilience for any size or type of organization.

8. BS ISO 22320 Security and resilience. Emergency management. Guidelines for incident management

The standard gives guidelines for incident management, including principles that communicate the value and explain the purpose of incident management. It also covers the basic components of incident management including process and structure, which focus on roles and responsibilities, tasks and management of resources, and working together through joint direction and cooperation.

9. BS ISO 22395 Security and resilience. Community resilience. Guidelines for supporting vulnerable persons in an emergency  

The standard gives guidelines for organizations to identify, involve, communicate with and support individuals who are the most vulnerable to natural and human-induced (both intentional and unintentional) emergencies. It also includes guidelines for continually improving the provision of support to vulnerable persons in an emergency. 

10. BS ISO 22319 Guidelines for planning the involvement of spontaneous volunteers 

The standard provides guidelines for planning the involvement of spontaneous volunteers in incident response and recovery. It is intended to help organizations to establish a plan to consider whether, how and when volunteers can provide relief to a coordinated response and recovery for all identified hazards. It helps identify issues to ensure the plan is risk-based and can be shown to prioritize the safety of the volunteers, the public they seek to assist and incident response staff.

11. BS 31100 Code of Practice for risk management  

The standard gives recommendations for implementing the principles and guidelines in BS ISO 31000:2009, including the risk management framework and process. It provides a basis for understanding, developing, implementing and maintaining proportionate and effective risk management throughout an organization, in order to enhance the organization’s likelihood of achieving its objectives.

Download the standards and sign-up for the BSI webinar series at by clicking here.  

  • BSI is appointed by the UK Government as the national standards body and represents UK interests at the International Organization for Standards (ISO), the International Electrotechnical Commission (IEC) and the European Standards Organizations (CEN, CENELEC and ETSI). Best known in the equestrian industry for riding hat safety standards, BSI’s role is to help improve the quality and safety of products, services and systems by enabling the creation of standards and encouraging their use.  BSI was formed in 1901 and publishes over 2,700 standards annually. 

Business photo created by pressfoto -