Secure Your Business



From implementation to the Certificate for Business Continuity Management,
which is recognized worldwide, in three project steps


At the selection of subsuppliers and service providers, the demonstration of protective measures (controls) helping to maintain the business processes is becoming more and more important. Thanks to federal accreditation for system certifications acc. to ISO 22301, CIS is a pioneer in Austria and also is one of the first global players that can certify business continuity management systems. As for the procedure, certification acc. to ISO 22301 conforms to the structure of certification projects acc. to chess_istockphoto_courtneyk_quer_WEB_fk_hellerISO/IEC 27001 (information security) and ISO/IEC 20000 (service management). This is why seamless system integration is possible so that combined Certification Audits can open up useful synergies. The project procedure can be broken down into three phases:


Information: An initial interview with CIS furnishes details about the certification process.
This is followed by registration and project planning.


Analysis: Evaluation of the individual requirements and assessment of existing measures within the company. CIS as an independent Certification Body is not involved.


Implementation: Establishing measures according to the requirements ISO 22301 places on business continuity. CIS as an independent Certification Body is not involved.





CIS Stage Review (voluntary preliminary review): Upon request, CIS will review the usefulness and efficiency of the system elements implemented in the course of the project. The audit report provides

a detailed strength / weakness profile.

CIS System & Risk Review (preliminary review): CIS reviews interpretation of the requirements placed

by the Standard as well as documentation. Deficiencies and opportunities for improvement will be laid down in a short report. This preliminary review serves as a “general rehearsal” before the Certification Audit.


CIS Certification Audit: The CIS Auditor reviews the management system implemented by making multiple samples on different levels of the organization. The audit report shows opportunities for improvement.




CIS Licence: By obtaining the “Certificate Issuance & Right to Use Licence”, you obtain the CIS Certificate, which makes the process quality of the BCM system visible to your customers and will be valid for three years.


CIS Surveillance Audit: The Surveillance Audit, which is conducted once a year, reviews effectiveness of the overall management system as well as continual improvement.


CIS Recertification Audit: After 3 years, the Certificate, which has expired, can be renewed.


CIS - Certification & Information Security Services GmbH T +43 (0)1 532 98 90 office@cis-cert.com