Set out below is a series of links to national and international standards for preparedness, business continuity, crisis management, as well as relevant organizations and associations. We welcome your suggestions for additions to this list.
We try to ensure all links remain current but if you find yourself at a dead end please let us know so we can update our site. Either email email@example.com or submit the form on our Contact page.
To expand the titles, click on each arrow below.
Standards & Guidelines
Standards & Guidelines – Reference Lists from DRJ and BCI
Two organizations in the private sector maintain comprehensive lists of the laws, standards and guidelines related to disaster recovery planning and business continuity management. One is an organization based in the US. The other is an organization based in the UK. Both are excellent resources for professional reference.
The Disaster Recovery Journal’s list can be downloaded (in Excel format) from the Rules and Regulations Page.
The Business Continuity Institute’s list can be downloaded (in PDF format) from the BCM Guides & Standards Regulations, Standards & Guidelines Page.
Background on Private Sector Preparedness
DHS/FEMA Private Sector Preparedness Program (PS-Prep)
The Voluntary Private Sector Preparedness Program (PS-Prep) is mandated by Title IX of the Implementing Recommendations of the 9/11 Commission Act of 2007 (Public Law 110-53).
The purpose of the PS-Prep Program is to enhance nationwide resilience by encouraging private sector preparedness in an all-hazards environment.
Prior to the PS-Prep program, there was no comprehensive set of standards that the spectrum of American businesses and private sector entities could use to assess their preparedness for all hazards.
Congress directed the Department of Homeland Security (DHS) to develop and implement a voluntary program of accreditation and certification of private entities using standards adopted by DHS that promote private sector preparedness, including disaster management, emergency management and business continuity programs.
For more information on the PS-Prep Program, visit:
Standards for Private Sector Preparedness
The following three standards have been approved by the U.S. Department of Homeland Security development for voluntary certification of Business Continuity and Emergency Preparedness Programs in the private sector, under Title IX of Public Law 110-53.
• NFPA 1600:2013 – Standard on Disaster/Emergency Management and Business Continuity Programs
About the Standard: Developed by the National Fire Protection Association (NFPA), this standard provides a management system framework and the criteria for development of programs to support an organization’s preparedness for emergency, disaster and business disruption.
NFPA 1600 is recognized by the American National Standards Institute (ANSI) as an American National Standard.
NFPA 1600:2013 includes a new chapter on Training and Education as well as annexes to address issues within the field of emergency management and business continuity and to address the use of NFPA 1600 as a Management System Standard..
The 2013 Edition of NFPA 1600 may be downloaded at no cost from NFPA Org.
• ASIS SPC.1-2009 – Organizational Resilience: Security, Preparedness, and Continuity Management Systems – Requirements with Guidance for Use
About the Standard: Developed by the American Society for Industrial Security (ASIS), this standard provides the framework for a management system that integrates security, preparedness, response, mitigation, business/operational continuity and recovery from an emergency, crisis, or disaster.
ASIS SPC.1 is recognized by the American National Standards Institute (ANSI) as an American National Standard.
At present, ASIS has not announced any updates to this standard.
Obtaining a Copy: This standard may be downloaded at no cost from the PS-Prep™ Standards Page.
• ISO 22301:2012 – Societal Security – Business Continuity Management Systems – Requirements
A guidance document for ISO 22301 is also available under the title “ISO 22313:2012, Societal security — Business continuity management systems — Guidance.”
A guidance document for ISO 22317 is also available under the title “ISO 22317:2015, Societal security — Business continuity management systems — Guidelines for Business Impact Analysis (BIA)
Obtaining a Copy: ISO 22301, ISO 22313, and ISO 22317 may be downloaded for a fee from ISO.
• AS/NZS 5050:2010 -Business Continuity – Managing Disruption-Related Risk
About the Standard: Developed by Standards Australia, AS/NZS 5050 is a joint national standard for Business Continuity Management in New Zealand and Australia.
This standard has not yet been adopted or endorsed by the U.S. Department of Homeland Security under the category of “Standards for Business Continuity and Emergency Preparedness”. It is, however, an internationally recognized standard and is in close alignment with ISO 31000 (Risk Management – Principles and Guidelines).
AS/NZS 5050 describes the application of the principles, framework and process to manage business disruption related risk and establish business continuity management programs in a manner consistent with the international standard for risk management, ISO 31000:2009.
The Standard includes, in Section 5, a schedule of requirements for organizations seeking to demonstrate their processes for managing disruption-related risk meet the characteristics of management systems as described in ISO Guide 72.
Standards Australia has not announced a schedule for update of AS/NZS 5050.
Obtaining a Copy: This standard may be downloaded for a fee from SAI Global.
Resources for Private Sector Preparedness
About the BCI Good Practice Guidelines (GPG 2013): Details may be found on BCI.
Obtaining a Copy: The Good Practice Guidelines 2013 may be downloaded for a fee from BCI.
Ready.Gov is a national public service advertising (PSA) campaign designed to educate and empower Americans to prepare for and respond to emergencies including natural and man-made disasters. The goal of the campaign is to get the public involved and ultimately to increase the level of basic preparedness across the nation.
The Red Cross Ready Rating program provides a framework designed to: 1) Help businesses, organizations, and schools become prepared for emergencies; 2) Help increase the level of preparedness among individuals and families; and 3) Encourage businesses, schools and organizations to help their local communities prepare for emergencies.
Organizations & Associations
The following local and national organizations have additional resources, which can assist in the development of plans, practices and communities for emergency preparedness, business continuity, and crisis management.
Neighborhood Emergency Response Team (NERT)