Why?Delivering BCMS for our customers across an international market is currently one of our main service offerings. In delivering BCMS we advise and support our customers on what they need to ensure they have good Business Continuity practices in place, on how they can make their organisation more resilient and how they can mitigate and reduce impact should they be affected by an incident.
Not only is it common sense that we ‘practice what we preach’ but it provides reassurance to our customers and those looking to work with us, we know what we are doing. If we are able to demonstrate that our own house is in order and that we are certified against recognised International Standards, we can ensure that the needs of our customers are exceeded and that we are continually focusing our efforts on delivering quality services.
We are proud of our core values – passion, knowledge, integrity and accountability and believe that obtaining certification clearly demonstrates our commitment to providing consistent, reliable and dependable expertise, along with a competitive advantage in being able to offer a differentiation of service.
How?Being already certified for ISO/IEC 27001 Information Security Management Systems, CQR UK had a head start when it came to expanding their credentials and obtaining certification to the ISO 22301 Business Continuity Management Systems.
For CQR UK, this was not only seen as an opportunity to complete a refresh of our own BCMS but as an opportunity to provide training to members of our staff who are relatively new to the world of Business Continuity. It’s important that we look to develop our staff and involve them with the continued success and growth of the company. Involving our staff provided them with the opportunity to learn and gain experience, not only on how to deploy a strong BCMS aligned to the requirements of the standard but the opportunity to experience how an audit is performed.Preparing for the audit was given full commitment from our management team. Time and effort was allocated to allow us to review our procedures and to improve them in line with the requirements of the International Standard. We completed a pre-assessment and gap analysis which helped to identify areas of improvement and allowed us to apply lessons learned to help improve our own BCMS and our customers. Aligning to the standard allowed us to focus our efforts on the framework, explicitly in terms of interested parties, legal and regulatory requirements, risk management and management reviews of the effectiveness of our BCMS.
The audit process itself was relatively straightforward; the legwork had been done so it came as no surprise that when we completed the Stage 1 assessment in March our auditor reported no non-conformities. Stage 2 and subsequent certification was achieved in April.Benefits
There are many benefits in achieving certification, being able to demonstrate our commitment to Business Continuity Management Systems and provide assurance to our customers that we deliver quality and knowledgeable services goes without saying. Certification will also help us expand and provide us with a competitive advantage. We can easily demonstrate our commitment to fulfil new tender requirements and win new business.
Obtaining certification gave us the opportunity to improve the maturity of our own BCMS and helped to ensure we had a consistent documented approach that could also be used to benefit the implementation of BCMS within our customer organisations.
Completing the certification provided us with the opportunity to continuously improve our own BC processes and procedures, ensuring that we can maintain our operations with minimal disruption should we ourselves be impacted by an incident.
Certification enables us to demonstrate to both our internal and external interested parties that we have robust management systems in place to cope with a business interruption and this isn’t just us saying this, it has been validated by an independent external auditor.What next?
We will look to continually improve our BCMS not only in-house for CQR UK operations but looking to expand our certification to include our operations within our sister organisation in Australia. On-going assessment will be completed to ensure that our BCMS not only continues to meet the requirements of the standard but provides us with the on-going opportunity to continually improve.
We will also be looking after our customers, providing support and assistance to those that wish to obtain certification or continually improving their existing BCMS to align to the recognised practices of the standard.Our thoughts
"CQR are thrilled to add ISO 22301 with our ISO 27001 certification enabling us to operate an integrated management system. This demonstrates our Business Continuity and Information Security expertise and competence to our clients as a critical service provider. It reinforces our commitment to clients that we take both Business Continuity and Information Security seriously and demonstrates that we understand what it takes to protect our most important assets our people and business”. Greg Inge, Managing Director“Obtaining certification against ISO 22301 is a goal I’ve been looking to achieve since joining CQR and I’m extremely proud to have been involved in the process and refresh of our BCMS. Obtaining certification not only shows that we are capable but also credible in our abilities to deliver great BC systems, for me something that I’m extremely passionate about. Whilst I did feel apprehensive upon waiting for the arrival of the auditor, I was extremely confident that we had done everything that was required and more to ensure certification was achieved. In fact, I was so proud of the work undertaken I felt at times I was showing off our achievements even when not asked. Receiving confirmation that we had no non-conformities was the highlight, although I thought this would be the case, it’s nice to be told.” Claire Phipps, MBCI
ContactTo find out more about services from CQR UK and how we can support your business, contact us on 01865 882225