Business Continuity Management

How 4C Strategies helped a global manufacturing company to prepare for ISO accreditation

  • Background: In early 2019, an international manufacturing company employed 4C Strategies to identify gaps in its current Business Continuity Management System (BCMS) and make recommendations prior to seeking ISO 22301:2012 accreditation (the international Standard for a Business Continuity Management System).

  • Challenge: Although the company possessed extensive Health and Safety expertise and experience, there was less focus on Business Continuity. External help was sought to aid the company in obtaining ISO 22301 accreditation.

  • Solution: 4C Strategies was able to conduct a gap analysis using Exonaut®, focusing on a review of BCM documentation and information provided electronically and via interviews with relevant key individuals and subject matter experts.

  • Benefits: The results of the gap analysis provoked internal activity within the organisation to identify current-state compliance to the ISO 22301 standard. The findings were then used to inform subsequent decision-making in their BCMS readiness prior to seeking ISO 22301 accreditation.

  • Customer: An international manufacturer of semiconductor vacuum and abatement solutions

Selecting the right tools

The key to the success of the project was the provision of Exonaut® and its capability as an integrated platform to manage the requirements of the different entities reviewed, including:

  • structured and efficient gap analysis and observation planning,
  • dynamic and flexible delivery options,
  • real-time evidence-based assessment and evaluation, irrespective of location (observations were taken remotely at the organisation’s sites and at 4C offices).

Design, delivery and evaluation

Each aspect of the gap analysis cycle, from design, development and delivery through to evaluation, was powered by Exonaut. The software’s capability to operate across multiple operating systems (Windows, Android, iOS) and devices enabled 4C evaluators to input observations in real-time and to monitor ISO 22301 compliance throughout the interview and document review process.

Asking the right questions

The review utilised a standard question set, developed by 4C over a number of years. The questions were designed not only to determine compliance with the ISO standard, but also to cross-reference with the Business Continuity Institute (BCI)’s Good Practice Guidelines.

The question set was broken down into levels, with the first level establishing a theme or area, and the second level featuring a question designed to look at a specific part of that area or theme. There were six main themes or areas in the set:

  • Context or the organisation
  • Leadership
  • Planning
  • Support
  • Operations
  • Performance Evaluation

Maturity model

A best-practice BCMS maturity model was used as a baseline for the comparison of relevant documentation, in addition to the scoring of interview responses. The maturity model required each question to be scored between one to six, in order to identify current levels of maturity by theme or area. In time, this data could be used as a benchmark to assess other areas of the business.


There were two methods used to conduct the review. The first of which was the facilitation of short interviews with identified key personnel and subject matter experts, to ascertain their perception and knowledge of current BCMS capability. The most relevant questions from the question set were pulled in to make a specific question set for each interview.

The second method took the form of a detailed review of current BCM documentation using a list provided by the organisation.

Throughout the two methods and processes, observations against each question were made, including a score against the maturity model, plus comments and recommendations.

Analysis and assessment

Once all required data had been captured, either through interviews or documentation review, a number of observations were made against each question. These were then used to provide assessments against a theme or area. Finally, all assessments and observations were gathered to provide an overarching assessment for the report. Data captured using Exonaut could then be used for benchmarking future reviews of other operational areas.


The Exonaut Observer (OBS) mobile app enabled 4C Strategies consultants to capture observations in a consistent format, linked to real-time assessments with identified overarching objectives. Consultants were equipped with smartphones and tablets to capture data and build a fully auditable evaluation set for real-time analysis and post-exercise reviews.

The evaluation process began by reviewing all observations that had been made through the course of the project against a particular objective. Exonaut then facilitated the gathering of those observations into a single assessment. The grades applied throughout the project were also reviewed with a final grade, at the objective assessment level.

Message sent

Thank you
Your message has been received. We will get back to you as soon as possible.

Thank you!

You are now registered.

Download pack

Photo credits


Choose size
  • Original image
  • Large image (2900px)
  • Medium image (1920px)
  • Small image (1024px)

Get in touch

Book a demo

    Solution Areas

    Get in touch

      Message sent

      Thank you
      Your message has been received. We will get back to you as soon as possible.

      Message sent

      Thank you
      Your message has been received. We will get back to you as soon as possible.

      Message sent

      Thank you
      Your message has been received. We will get back to you as soon as possible.