ISO 22316: Security and Resilience

isodis-22316The new ISO 22316 standard about organizational resilience will be published ultimo at the beginning of 2017. It has been developed by the ISO/TC 292 – Security and resilience – committee of the International Organization for Standardization in Geneva.

Organizational resilience is the ability of an organization to respond and adapt to change. Resilience enables organizations to anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience should be a strategic organizational goal. It is a relative and dynamic concept rather than a specific activity or fixed state. The factors that enhance an organization’s resilience are unique to each organization. Organizations can only be more or less resilient and there is no absolute measure or definitive goal.

Top management commitment to enhance organizational resilience will contribute to:

  • an improved capacity to anticipate and respond to threats and opportunities;
  • an ability to identify and address vulnerabilities before they have a material impact;
  • a more coordinated approach to integrate existing management disciplines that support organizational resilience; and
  • a greater understanding of interested parties and dependencies that support strategic goals and objectives.

unknownBrian Roylett (Australia), the project leader responsible for the development of ISO 22316, explains:

An organization’s adaptive capacity is a product of a wide range of capabilities including the ability to anticipate, respond to, and recover from disruptive events. These are often supported by well established processes such as risk management and business continuity initiatives, which are usually the focus of key activities to enhance resilience. Organizations should also establish agile and flexible business structures and management systems allowing them to adapt to changing circumstances.”

The project team working with ISO 22316 consists of international experts, practitioners, researchers, senior cross-functional leaders and decision makers in the areas of organizational culture, leadership, support processes, and risk management systems. People with the capacity and experience should get involved to actively influence the content of this organizational resilience standard by sharing and gaining knowledge.