ISO 22301:2012 specifies requirements for planning, establishing, implementing, monitoring, auditing, inspecting, reviewing, maintaining and continuously improving a documented management system and requirements for protecting against, reducing the likelihood of, preparing for, reacting to and recovering from catastrophic events that occur.

The requirements specified in ISO 22301:2012 are generic and can be applied to all organizations or parts thereof, regardless of the type, size and nature of the organization. The degree to which these requirements apply depends on the operating environment and complexity of the organization.