ER16 Business Continuity Risk Register

File Reference : ER16 Business Continuity Risk Register
Date File Updated 01/07/2022
File Format MS Excel
No. of files 2
Category Registers
Tags: ISO 22301
  • £35.00


This register is intended to assist with development of an overall Business Continuity Management System to the requirements of ISO 22301:2012 / ISO 22301:2019 but can also be used by any organisations wishing to complete formal review and analysis of Critical Functions, Impact Analysis and Monitoring and Testing arrangements.

Register includes formal review and consideration of context including details of any assumptions as required by the ISO 22301 standard.

Listing of Critical Functions with automatic scoring mechanism to calculate Continuity Priority based on importance of the activity and recovery priority - detail of all the critical functions that are necessary for the provision of services. Required resumption time for each activity can also be stated as well as details of any dependencies and supporting resources, legislation and interested parties.

Separate business impact analysis where each critical function can be further reviewed in terms of potential disruption including calculation of disruption potential risk rating and details of control measures  / continuity arrangements and a residual risk rating. Consideration given to proactive measures that; a) reduce the likelihood of disruption, b) shorten the period of any disruption, and c) limit the impact of disruption on the Critical Functions.

This combined review of critical-functions and linked impact-analysis makes use of conditional formatting to highlight areas with high risk or high continuity priority.

A summary of monitoring and testing activities can also be completed to ensure any continuity arrangements are detailed including any renewal dates and other testing and checks are detailed.

Sample Data version of the register also available with details of common critical functions and business impact analysis included,

ISO Consultant 23/06/2020

The risk register for business continuity is very beneficial when working with ISO 22301 or want to ensure continuity within an organisation. It looks at critical functions and prioritising them in terms of importance.
There is an additional impact analysis included and sheet for monitoring and testing. This makes it easy to develop a business continuity plan following the assessment.

ISO Consultant 10/01/2020

This register is essential for ISO 22301 compliance but it is also relevant for any organisation wishing to complete a more comprehensive review of risks and continuity.

Review of Critical functions and Business Impact analysis are very useful if preparing a business continuity plan.

Add a Comment

Please Login or Subscribe to add Comments.