Back

Include Quality Management in the continuity framework.


CONTROL ID
12239
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a continuity framework., CC ID: 00732

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • includes a commitment to continual improvement of the BCMS. (§ 5.3 ¶ 1 d), ISO 22301: Societal Security - Business Continuity Management Systems - Requirements, Corrected Version)
  • promoting continual improvement; (§ 5.1 ¶ 1 g), ISO 22301:2019, Security and resilience — Business continuity management systems — Requirements, Second Edition)
  • includes a commitment to continual improvement of the BCMS. (§ 5.2.1 ¶ 1 d), ISO 22301:2019, Security and resilience — Business continuity management systems — Requirements, Second Edition)
  • achieve continual improvement. (§ 6.1.1 ¶ 1 c), ISO 22301:2019, Security and resilience — Business continuity management systems — Requirements, Second Edition)
  • opportunities for continual improvement. (§ 9.3.2 ¶ 1 k), ISO 22301:2019, Security and resilience — Business continuity management systems — Requirements, Second Edition)
  • procedures and resources that could be used in the organization to improve the BCMS' performance and effectiveness; (§ 9.3.2 ¶ 1 f), ISO 22301:2019, Security and resilience — Business continuity management systems — Requirements, Second Edition)
  • The outputs of the management review shall include decisions related to continual improvement opportunities and any need for changes to the BCMS to improve its efficiency and effectiveness, including the following: (§ 9.3.3.1, ISO 22301:2019, Security and resilience — Business continuity management systems — Requirements, Second Edition)
  • The organization shall continually improve the suitability, adequacy and effectiveness of the BCMS, based on qualitative and quantitative measures. (§ 10.2 ¶ 1, ISO 22301:2019, Security and resilience — Business continuity management systems — Requirements, Second Edition)
  • Monitor and evaluate diagnostics, data quality and staff performance, and incorporate findings into strategic review of national laboratory plan and share lessons learned (Pillar 5 Step 3 Action 1, COVID-19 Strategic Preparedness and Response Plan, OPERATIONAL PLANNING GUIDELINES TO SUPPORT COUNTRY PREPAREDNESS AND RESPONSE, Draft as of 12 February 2020)