|1. Testing is an activity that is performed to validate certain capabilities of the Business Continuity plan and produce relative to specified objectives or established criteria.
Similar Term: Testing and Exercising
Courses: BCM Certification
- Attend: BCM-200: ISO22301 BCMS Planner leading to BCCP
- Attend: BCM-300: ISO22301 BCMS Implementer leading to BCCS
- Attend: BCM-400: ISO22301 BCMS Manager leading to BCCE
- Attend: BCM-5000: ISO22301 BCMS Expert Implementer leading to BCCE
Guidance Notes and Templates
2. Procedure for evalutation; a means of determining the presence, quality, or veracity of something.
Notes (1) : Testing may be referred to a "trial".
Notes (2) : Testing is often applied to supporting plans.
(Source: ISO 22300)
(Source: ISO 22301:2012 – Societal Security – Business Continuity Management Systems - Requirements) - clause 3.52
3. Procedure for determining the presence, quality, or veracity of something.
Notes (1) : Assessing a capability with the result being either pass or fail
Notes (2) : Testing may be referred to as a “trial”
Notes (3) : Testing is often applied to supporting plans.
Notes (4) : Testing should start with simple component testing building toward system testing.
Notes (5) : Test and testing are terms that are often used interchangeably with the terms exercise and exercising, but it is suggested that there is clear and distinct difference between the two sets of terms. However, it is suggested that tests and testing all present learning, education, training and awareness opportunities for all participants, as the participants will be performing functions and activities that would need to be performed in the response phase to an actual incident or emergency.
Notes (6) : For the purposes of this standard, a test, and where appropriate, testing; are treated as an exercise with a distinct and clear additional factor, which is a defined and objectively measured expectation of a pass or fail outcome, as either a main objective or aim, or as a subsidiary objective or aim of the event. An example of this could be a disaster recovery test, where the connectivity of two geographically dispersed systems could be physically validated with a third system to prove that the systems have adequate resilience to address the risk under consideration.
Notes (7) : It follows that any exercise may be designated as a test by the commissioning party and the method that the exercise is delivered in becomes irrelevant, the key issue is whether or not there is a pass or fail expectation in any of the objectives or aims.
Notes (8) : When considering whether an event should be considered as a test or testing, it should be borne in mind that objective pass or fail expectations may be applied to plans, processes, systems, activities and performance, including, where appropriate, to humans or teams and groups of people. ([SOURCE: ISO 22300])
(Source: ISO 22390:2011 - Societal Security - Guidelines for Exercises and Testing) - clause 3.27
4. Activity in which some part(s) of the operational continuity plan(s) is/are followed to ensure that the plan(s) contain(s) the appropriate information and produces the desired result.
(Source: ISO 22399:2007 – Societal Security - Guideline for Incident Preparedness and Operational Continuity Management) - clause 3.47