ISO 22301 Tool: Ensure Business Continuity with Compliance Aspekte

Software for implementation of the international standard for business continuity management systems (BCMS) to guarantee the security and resilience of your company.

ISO 22301 Business Continuity
Infopulse GRC-Software


Hosted in Germany

Companies that trust us

Jobnet logo
I doit logo
Wibocon logo
carmao logo

What is ISO 22301 and how our tool is of use here

ISO 22301 is the international standard created to ensure efficient business continuity management by protecting companies from disruptions, be it pandemics, cyberattacks, unexpected software failures, fire, natural disasters, or other dangers. 

Essentially, this standard allows organizations to continue providing products and services within acceptable times at a predefined capability during any crisis.

How our tool is of use here?

Compliance Aspekte is a GRC solution that helps companies implement a holistic business continuity management system across the entire organization while ensuring compliance with the ISO 22301 standard. 

The software tool pinpoints factors that threaten your business and its essential business functions. Compliance Aspekte allows you to develop feasible plans beforehand to guarantee that your company doesn’t shut down during a disruption.

What are the Main Benefits of ISO 22301 BCM?

Discover the tool
  • Protected turnover and profits
  • Insurance of efficient crisis management by keeping critical functions operational
  • Reactive incident reduction through proactive measures
  • Increased speed of recovery during incidents
  • Showing customers, suppliers, partners, and stakeholders your business resiliency

Clients’ feedback

Compliance Aspekte is very user-friendly and customization is easy. We can conduct ISO compliance, and data protection…we can make anything we want in one tool. And this is the only tool with which it is possible. It helps us to keep the data consistent and simplify audits. The Compliance Aspekte tool is better than the existing competitors on the market and at the same time cheaper.

Sascha Koras
Governance, Risk & Compliance Officer

One of the features we like best about Compliance Aspekte is its streamlined compliance process. The interface has a clean and structured design, ensuring usability and workflow speed. This not only results in a steep learning curve for new users but also lets experienced users minimize effort. At every stage during the security management lifecycle process, recurring tasks like scoping, structural analysis, modeling, and even tracking risks and controls are supported by a variety of features, e.g. mapping controls with multiple requirements, assigning individual assets to different scopes as well as expanding requirement and control catalogs. On top of that, the performance of the platform is great – it is stable and good in terms of speed efficiency. Having Helga, the compliance assistance bot, is also a very special plus as she can explain terms and provides guidance through the application. We really love and live Compliance Aspekte!

Florian Süß
Senior Information Security Consultant at DATA SYSTEMS GmbH

We’ve been staying with Compliance Aspekte for a long time as it is one of the most convenient and flexible compliance tools on the market. With this tool, we can easily create our own assets, and asset types, import risk catalogs, create our own controls, define our own requirements in regard to the assets, pack them into modules, and then automate everything in a flexible way. Among the other decent features that we take advantage of, are user-friendly gap analysis, the possibility to switch from a tree view to grids, and extensive collaboration functionality. Overall Compliance Aspekte significantly reduces the time spent and the risks of mistakes.

Daniel Schreiner
Senior Account Executive at expertree
ISO 22301 Certification

Create BCMS with Compliance Aspekte

Business continuity is an integral part of an organization’s information security management system,
and Compliance Aspekte will help you efficiently manage BSMS as a part of your ISMS.

With Compliance Aspekte, companies can:

Book a demo

use in-built templates and instructions to conform to ISO 22301 with an opportunity to meet individual needs

import external information for business impact analysis from configuration management databases (CMDB) or other enterprise systems that refer to the business continuity management process

have a bird’s-eye view of all input data (such as asset structure model, correction to requirements, threats, and safeguards) in one place

Book a demo

Explore Compliance Aspekte Features

ISO 22301 Business Continuity
  • Standard implementation guide for the compliance assessment according to BCMS policies
  • Business continuity and disaster recovery planning
  • Merging of all dispersed data into a single platform (through CMDB or manual entering)
  • Customizable and automated reporting that comes with report templates and an opportunity to create custom ones
  • Clear, informative, configurable, and easy-to-use dashboards that provide a complete overview of all compliance management activities, with the power to determine overdue tasks or analyze assets
  • Chat-bot Helga

Try the Business Continuity Management tool for free

Request a demo and obtain a free consultation & 3-months free trial

    What Standards are you interested in?

    I have read the privacy policy and agree.

    What is Business Impact Analysis and How to Conduct It in ISO 22301?

    A business impact analysis, or BIA, is one of the most fundamental components of creating a business continuity management system. According to ISO 22301, BIA is a process of analyzing the impact of disruption on the business.

    The business impact analysis helps to establish, implement, and maintain an assessment process to determine recovery priorities, requirements, and continuity goals.

    When analyzing business impacts, companies should undertake the following steps:

    Determine the types of impact and criteria applicable to the business environment
    Define the activities that facilitate the provision of products and services
    Evaluate the consequences over time (also known as the maximum tolerable period of disruption) of not performing those activities
    Set a priority time frame within the time identified in step four for renewing disrupted activities at a minimum acceptable capacity
    Use the analysis to determine the activities with priority
    Define which resources are required to support these activities
    Specify the dependencies, such as partners and suppliers, and interdependencies of these activities


    Compliance AI bot
    It is beneficial for all organizations, irrespective of size, business sphere, or location. Regulatory and certification bodies can also use the standard to assess a company’s capability to meet BCM ISO 22301 legal or regulatory requirements.
    It is not required for organizations to have the ISO 22301 certification. However, it can be a perfect indicator to your clients, partners, and stakeholders that your company satisfies the standard’s criteria has embraced international best practices and is ready to provide business continuity in case of any disruption.
    The four fundamental principles of business continuity management systems are: Getting management support: The total support from the C-level executives and board management ensures that the company will have all the necessary resources to start creating and implementing the BCMS and that it will be aligned with the company’s business strategy. It will also help to promote continuous improvement of the BCMS throughout the organization. Risk evaluation: The risk evaluation principle underlines the importance of considering damage scenarios that may cause business disruptions. The scenario must be specific to each particular organization. In this step, companies should be able to compute a risk score that takes into account two factors: the severity of an incident and its likelihood of occurring. BIA (Business impact analysis): BIA helps to identify essential activities and resources and then define the severity of the business impact if those activities were disrupted or those resources were unavailable. Business impact analysis will help to further determine priorities for recovery after a disruption: how quickly it will take you to resume each activity after an incident, etc. Business Continuity Plan (BCP): The fourth main principle includes the development of a BCP based on a company’s risk evaluation and BIA. Its goal is to stabilize the situation after the business process disruption. A BCP will include the following: – Contact details for suppliers, authorities, and other interested parties – Call trees featuring key staff to ensure the availability of the right competence – Step-by-step checklists in case of specific events
    Some of the crucial disruptions that companies can face are the following: – Cyberattacks – Data breaches – Data infringements – Adverse weather (fire, flood, hurricane, etc.) – Unplanned IT & software failures – Supply chain interruptions – Epidemics and pandemics (such as COVID) – Power outage – Loss of skilled staff – Acts of terrorism – Wars
    ISO 22301:2019 is the latest revision of this ISO standard and has some improvements to provide more clarity and values to users compared to its 2012 version. The main improvements of the BCM ISO aim: – To make the standard easier to read and implement; it has been restructured with greater clarity about what is required. – To eliminate duplication, the language and terminology used in the standard have been simplified. In addition, the current version of ISO 22301 represents the up-to-date thinking of the business world. – To fully conform with all other ISO management system standards, the High-Level Structure has been simplified.
    Compliance AI bot