惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Fortinet All Blogs
云风的 BLOG
云风的 BLOG
M
MIT News - Artificial intelligence
WordPress大学
WordPress大学
T
Tailwind CSS Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
S
Secure Thoughts
博客园 - 【当耐特】
Know Your Adversary
Know Your Adversary
NISL@THU
NISL@THU
博客园 - 司徒正美
Last Week in AI
Last Week in AI
C
Cybersecurity and Infrastructure Security Agency CISA
P
Privacy & Cybersecurity Law Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
B
Blog
The GitHub Blog
The GitHub Blog
小众软件
小众软件
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Spread Privacy
Spread Privacy
Martin Fowler
Martin Fowler
博客园 - 叶小钗
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Tenable Blog
S
Securelist
博客园 - 三生石上(FineUI控件)
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Microsoft Security Blog
Microsoft Security Blog
Apple Machine Learning Research
Apple Machine Learning Research
罗磊的独立博客
T
Threat Research - Cisco Blogs
Application and Cybersecurity Blog
Application and Cybersecurity Blog
F
Full Disclosure
Cloudbric
Cloudbric
The Cloudflare Blog
Y
Y Combinator Blog
Hugging Face - Blog
Hugging Face - Blog
Microsoft Azure Blog
Microsoft Azure Blog
H
Hacker News: Front Page
腾讯CDC
L
Lohrmann on Cybersecurity
C
CERT Recently Published Vulnerability Notes
V2EX - 技术
V2EX - 技术
GbyAI
GbyAI
TaoSecurity Blog
TaoSecurity Blog
I
Intezer
The Last Watchdog
The Last Watchdog
G
GRAHAM CLULEY
Google Online Security Blog
Google Online Security Blog
T
The Blog of Author Tim Ferriss

WhatIs

Strategic IT outlook: Tech conferences and events calendar | TechTarget 8 AI use cases in manufacturing Enterprises are making an AI native transformation Zero trust in the IT ops stack: Securing hybrid workloads How algorithmic value sets enhance clinical decision-making Top methods for collecting customer feedback Build a data governance team that delivers results How to calculate the total cost of ownership of ERP software Communities call for transparency in AI data center deals Scalable IT infrastructure: Balancing speed with stability How health systems are tackling 'Kill the Clipboard' obstacles Understanding the science behind AI-based hiring assessments Tape's strategic role in modern data protection How to choose an HR software system in 2026: A complete guide The UC stack gets the policy job Top zero-trust use cases in the enterprise 13 top IT infrastructure conferences in 2026 SNMP vs. CMIP: What's the difference? 3 essential network analytics use cases AI Security Risks Force CIOs to Rethink Strategy Red Hat Summit 2026 news and conference guide | TechTarget What is HR technology (human resources tech)? Understand, optimize and track customer journey touchpoints Should IT use Apple Business Manager without MDM? Build and organize an effective machine learning team The storage modernization imperative in a fast-changing IT landscape Procurement automation use cases for CSCOs to consider 3 steps for health system leaders to drive patient safety culture What is DevOps? Meaning, methodology and guide Enterprises Face New Storage Bottlenecks as AI Grows A guide to Intune Suite licensing for endpoint management Epic controls 42% of the US EHR market. Does that help or hurt interoperability? SAP Sapphire 2026 news, trends and analysis | TechTarget How to develop a data governance strategy: 7 key steps 12 generative AI tools for marketing and sales teams Top 9 smart contract platforms to consider in 2026 Top 8 e-signature software providers for 2026 Rise with SAP vs. S/4HANA Cloud: What are the differences? How businesses use KPIs to measure AI's performance 5 clues your network has shadow AI How do digital signatures work? Collaboration security and governance must be proactive Compare SAP greenfield vs. brownfield approach for S/4HANA Merck, Home Depot tap Gemini Enterprise for AI agent development Rural challenges may dampen digital healthcare's potential Build an ethical AI framework: 12 top resources The great workload reshuffle: Choices for AI and analytics How to remove a device from Intune enrollment Cisco unveils quantum network advancements 3 BYOD security risks and how to prevent them 10 of the top carbon accounting software 8 trends powering machine learning's dynamic new roles Network engineers must take the lead to push DDI to the cloud How does Microsoft 365 Copilot pricing and licensing work? ONC highlights behavioral health EHR adoption trends, data exchange barriers LLMs struggle with clinical reasoning, study finds Democratizing AI in business: The good, bad and ugly What can organizations do to address BYOD privacy concerns? Fix the service path before you optimize it with AI How AI reshapes upselling in customer experience platforms When collaboration starts becoming operational drag Balancing health AI management with growing vendor sprawl Career cure for AI phobia: Be a beekeeper, not a worker bee 16 top applicant tracking systems for 2026 How a rural community hospital deploys AI to detect heart disease 8 examples of document version control Guide to 30+ sustainability certifications for professionals AI agents are only as smart as the data that feeds them AI could earn trust in transactional work first How to fix keyboard connection issues on a remote desktop How to add and enroll devices to Microsoft Intune 11 DevSecOps best practices to prioritize in 2026 6 key components of a successful data strategy How to enable Copilot in Microsoft 365: A step-by-step guide What CIOs need to know about Meta's proposed CEO AI agent Top AI recruiting tools and software of 2026 How contact centers detect and prevent fraud 10 essential skills for modern contact center agents Beyond the chatbot: Engineering the agentic enterprise AI in business intelligence: How to manage it effectively Why legacy networks are a growing liability Failure is an option as an IT leadership tool How HR can create a successful change management strategy HR AI is becoming a change management story Digital transformation: Balancing speed and governance RSAC 2026 Conference: Key news and industry analysis | TechTarget 8 best practices for a bulletproof IAM strategy 5 customer journey phases businesses should understand 12 top HR software and tool options to consider in 2025 6 contact center trends shaping the future of customer service Contact center monitoring best practices for CX leaders Cloud vs. local backup: Which is right for your organization? 6 steps for when remote desktop credentials are not working How governance maturity affects M&A integration outcomes Inside the push to turn AI agents into suite functionality How should contact centers use AI today? Accenture global health lead on scaling AI in healthcare with governance and intent 10 best free DevOps certifications and training courses in 2026 What is compensation management? What CIOs must know about bossware strategy
How to plan business continuity activities, with a template
2026-05-14 · via WhatIs

Paul Kirvan

By

Published: 14 May 2026

A business continuity management system requires several important activities scheduled throughout a calendar year. The schedule sets a clear time frame that facilitates resilience planning and provides evidence for future business continuity and resilience audits.

Business continuity management system (BCMS) activities help ensure the program performs optimally and complies with the requirements of the global business continuity standard, ISO 22301:2019, Security and Resilience -- Business Continuity Management Systems -- Requirements.  

According to the standard, a BCMS is "part of the overall management system that establishes, implements, operates, monitors, reviews, maintains and improves business continuity."

In addition, the standard states, "The management system includes organizational structure, policies, planning activities, responsibilities, procedures, processes and resources."

The standard describes the many activities required for compliance, but it does not specifically mandate the creation of an annual schedule or framework to perform the business continuity activities outlined in the standard. However, the standard frequently mentions the need for planning.

Many activities can be part of a BCMS or set of resilience-focused activities, so organizations that wish to comply with the standard should prepare an annual schedule of business continuity activities and review and update it periodically.

BCMS schedule template downloadClick here to download
our free template to get
started with creating a
schedule of business
continuity activities.

Depending on where business continuity and operational resilience activities are positioned within an enterprise, business leaders must commit to executing BCMS activities, and a schedule helps ensure they are completed.

Advances in technology since the 2019 update to ISO 22301 must be factored into schedule planning activities. These include the following:

  • Emergence and evolution of resilience activities. These go beyond simply recovering the business following a disruption. Moving to resilience means lessons learned from an incident are used to adapt the BCMS so it can respond more effectively in the next event.
  • Cloud-based technologies supporting BCMS. In addition to cloud-based data storage, backup and recovery tools, and intelligent as-a-service platforms addressing business continuity can also streamline the BCMS process.
  • Increased use of IT service management (ITSM) strategies. Business continuity and resilience activities are increasingly included in ITSM frameworks and technologies. It is no longer a boutique discipline.
  • AI. The rapid growth of AI has affected business continuity and resilience disciplines. A growing number of BCMS platforms include AI to streamline the planning process, improve the execution of risk analysis and business impact analysis activities, and optimize BCMS plan response, recovery and restoration processes.

Understanding core business continuity activities

ISO 22301:2019 includes the same fundamental areas in which a BCMS should function. Its companion standard, ISO 22313:2020, Security and Resilience -- Business continuity management systems -- guidance on the use of ISO 22301, provides greater detail on the activities outlined in ISO 22301.

Both documents were used to prepare Table 1, which lists key BCMS activities, organized by the standard's framework, and includes suggested scheduling timeframes.

A chart listing BCMS activities based on ISO 22301.
This chart includes suggested BCMS activities based on ISO 22301 and current BCMS practice. A full list of activities can be found in the downloadable template.

Activities in Table 1 ensure the BCMS complies with the standards and addresses current technology and operational resilience considerations.

The table lists sufficient activities to make compliance with ISO 22301 requirements easier from an audit perspective. The activities also represent good BCMS and resilience practices and should be tailored to specific organizational requirements.

Implementation best practices

Successful implementation of scheduled activities starts with support and funding approved by senior management.

Additional best practices to ensure optimum performance of the BCMS include the following:

  • Ensure all members of the BCMS team support the program.
  • Consider scheduling specific activities -- for example, risk assessments that should be more frequent than suggested in Table 1.
  • Include discussions of BCMS activity in weekly IT department or other relevant department staff meetings.
  • Establish relevant performance metrics and monitor them.
  • Monitor developments in the business continuity and resilience industry to identify new and advanced technologies.
  • Use advanced technologies where possible to enhance the overall level of business continuity and operational resilience.
  • Report to management on the state of continuity and resilience at least quarterly.
  • Establish a process to continuously monitor the performance of all systems and technology used to support the BCMS.
  • Identify ways to inform and engage stakeholders, vendors and other third parties on the importance of continuity and resilience.
  • Develop a budget for the BCMS and related activities and get senior management approval.

Using the planning template

The BCMS schedule planning template is formatted as a 12-month calendar with space in each month for a check mark. This approach can help indicate when to perform specific activities. From that starting point, progress to assigning specific calendar dates. When additional activities are identified, insert them in the planning template.

Editor's note: This article was originally published in 2020 and was updated to reflect changes in ISO standards and business continuity best practices.

Paul Kirvan, FBCI, CISA, is an independent consultant and technical writer with more than 35 years of experience in business continuity, disaster recovery, resilience, cybersecurity, GRC, telecom and technical writing.

Next Steps

ITGC audit checklist: Controls you need to address

Dig Deeper on Disaster recovery planning and management