ISO 22301:2019 - Security and Resilience

The standard focuses on risk assessment, business continuity planning, training, validation, and continuous improvement to ensure a comprehensive approach to resilience.

We start with an initial consultation to understand your needs and objectives through a 45-minute discovery call. This is followed by a digital proposal outlining recommended services, approach, timeframes, and investment required. We can then develop a detailed project plan based on agreed priorities. Once signed, an hours' engagement meeting is conducted within a 4 week window, and then the program begins.

We use a combination of engagement strategies, including stakeholder workshops, training sessions, communication campaigns, and practical exercises to build awareness and capability across all levels of the organisation. At a more general level, we build relationships with key members of your team through email campaigns, one on one meetings, and even connecting over LinkedIn. This builds trust and typically uncovers issues or ideas from more introverted colleagues.

First and foremost, it is the simplicity of our programs. Many organisations and professionals are led to believe that the "threat landscape is evolving at an unprecedented rate", and whilst there is no legitimate data to support this claim, it only creates fear through marketing. We believe that resilience can be a simple, modern skill developed through building a culture of resilience, and removing the noise of bulky plans and poor technology.

ISO 22301:2019 is an international standard for business continuity management, ensuring organisations can effectively respond to and recover from disruptions, safeguarding operations and reputation. Obtaining any ISO standard is evidence of your commitment to running a sustainable business. The ISO 22301:2019 standard is a competitive and practical step in ensuring true resilience.

Initially, we need to understand your current resilience capabilities, regulatory obligations, key risks, and strategic objectives. We'll provide a detailed information request once we agree on the scope of engagement via our client portal.

The timeline varies based on the organisation’s size and readiness, typically taking 6-12 months for most businesses to prepare and complete the process. You should expect at least 2 years to ensure a consistent, momentum driven approach to the standards set out in 22301:2019.

Our pricing is based on the scope of services required, organisation size, and complexity of requirements. All activities start from a base investment that we can share with you. We provide detailed proposals with clear deliverables and can structure engagements to align with your budget constraints. Typically, our client base has an annual business continuity budget of $45,000 or an entire resilience program of between 55 and $100,000.

Any organisation that values resilience, continuity, and stakeholder trust can benefit, especially those in critical industries like finance, healthcare, and technology. Typically, the financial commitment and resource required means this standard is isolated to larger, multi-national businesses. However, Fixinc is able to provide programs that replicate the standard for smaller operations and whilst this won't establish the certification ISO provide, it will provide you the maturity to deal with any disruption.

We specialise in serving medium to large-sized organisations across New Zealand, Australia, and Malaysia (the Oceania and ASEAN regions), in both public and private sectors. Our clients include financial institutions, government agencies, healthcare providers, and major corporations. You can see a list of all our industries serviced here.