|1. The formal evaluation of an organisation's processes by an independent & accredited body against a defined standard & the issuing of a certificate indicating conformance.
2. The procedures to ensure that all changes are controlled, including the submission, recording, analysis, decision making, approval, implementation and post-implementation review of the change. (Source: ENISA - the European Network and Information Security Agency. BCM & Resilience Glossary)