Iso 22301: Scheme Background

The scheme is based on the iso 22301 international standard for organization that envisions for resiliency. It helps to plan an effective business continuity management to protect against, reduce the likelihood of, and ensure business recovers from disruptive incidents. 

The ISO 22301 Scheme is driven under the 11th Malaysia Plan (Rancangan Malaysia Ke 11), which focuses on National Certification and Compliance Programme. This is parallel to the national requirement towards creating a resilient Critical National Information Infrastructure (CNII).

At present, the global business atmosphere and conditions are becoming more turbulent and sometime unpredictable. As Malaysia is focusing on building a knowledge-based economy and becoming more dependent on IT in the information age, the need to ensure business continuity in the event of crisis or disaster becomes more important than ever. Hence, organizations desiring to stay competitive and successful must be well protected, through heightened resiliency so it could remain profitably in the event of any fatal business disruption.

Having the certification does not only ensure readiness to deliver services and promises in the event of business disruption, but also provides assurance to business partners and customers while uniting the business into cohesive organization.

Certification Benefits:

Enhanced Organizational Resilience:

• ISO 22301 certification helps organizations identify potential threats and the impacts they could have on operations. By implementing a robust Business Continuity Management System (BCMS), companies can develop effective response strategies to minimize disruption, ensuring continuity of critical business functions during emergencies.

Improved Risk Management:

• The certification process involves comprehensive risk assessments and the development of mitigation strategies. This proactive approach to risk management helps organizations better understand their vulnerabilities and establish controls to address them, reducing the likelihood and impact of disruptive incidents.

Increased Customer Confidence and Trust:

• Certification demonstrates a commitment to maintaining high standards of business continuity, which can enhance the trust and confidence of customers, partners, and stakeholders. Knowing that an organization has a certified BCMS in place can be a significant differentiator in competitive markets.

Regulatory Compliance and Legal Benefits:

• ISO 22301 certification can help organizations comply with legal, regulatory, and contractual requirements related to business continuity. By aligning with internationally recognized standards, companies can avoid potential fines, legal issues, and reputational damage associated with non-compliance.

Operational Efficiency and Cost Savings:

• Implementing ISO 22301 helps organizations streamline their business continuity processes and improve overall operational efficiency. By having well-defined procedures and plans in place, companies can reduce downtime, minimize recovery time, and manage resources more effectively, leading to potential cost savings in the long run.

Impartiality Policy

• CyberSecurity Malaysia undertakes to manage impartiality and to ensure that certification activities undertaken are conducted in an impartial manner. We do not permit commercial, financial or other pressures to compromise its commitment to impartiality.
• The credibility, integrity and objectivity of a certification is fundamental to our client’s needs and for those that subsequently rely on it. We commit to ensure that any threats to the impartiality and confidentiality in the certification activities are managed robustly and pro-actively.
• We practice impartiality and monitors this closely through an impartiality committee made up of members representing key interested parties. We also commit to identify and assess risks in related certification activities which may result in a conflict of interest or pose a threat to impartiality. The risk assessment covers possible sources of conflict of interests, regardless of their origin.