Audit · Consultation · Training
BIA · ISO 22301 · MAS TRM · EDG grant managed
BCMS Audit
Gap analysis · Stage 1/Stage 2 · Pre-cert mock audit · Surveillance · Internal audit co-sourcing.
Explore audit →BCMS Consultation
Full implementation · BIA facilitation · MAS TRM aligned · IMS integration · Crisis management · Post-cert retainer.
Explore consulting →BCMS Training
Lead auditor (CQI/IRCA) · Internal auditor · Implementation practitioner · Staff awareness · Tabletop exercises.
Explore training →The BCMS framework — six core components ICFC implements
📊 BIA
Business Impact Analysis
Identify critical processes, quantify disruption impact, set RTO and RPO for every key activity.
⚠️ RA
Risk Assessment
Identify threats and vulnerabilities — cyber, climate, supply chain, pandemic.
🎯 BC Strat
Continuity Strategies
Design strategies for people, technology, facilities, data, supply chain covering all disruption scenarios.
📄 BCP
Business Continuity Plans
Documented, tested response and recovery procedures — crisis comms, escalation paths, recovery actions.
🏋️ Exercise
Testing & Exercises
Desktop exercises, simulations, and live drills — validating plans work before incidents occur.
🔄 PDCA
Continual Improvement
Internal audit, management review, and ongoing BCMS refinement as threats evolve.
Singapore's BCMS regulatory landscape
| Regulator / Framework | Requirement | Sectors | ISO 22301 alignment |
|---|---|---|---|
| MAS TRM Guidelines | Robust BCM capabilities; scenario testing | Banks, insurers, FinTech | ✓ Direct alignment |
| MAS Notice 655 / BCM Guidelines | Documented BCP, RTO/RPO, annual testing | All MAS-regulated FIs | ✓ Direct alignment |
| CSA Cybersecurity Act | CII operators must have BCPs for critical systems | Energy, water, transport, banking, telco, healthcare, govt | ✓ Strong alignment |
| MOH guidelines | BC for essential healthcare services | Hospitals, clinics, pharma | ✓ Strong alignment |
| BCA requirements | Business continuity for major projects | Critical infrastructure contractors | ✓ Framework aligned |
| Govt tender criteria | ISO 22301 increasingly required or scored | All government suppliers | ✓ Certification required |
50% EDG / MASA grant co-funding — up to 50% of BCMS consultation costs
Enterprise Singapore's EDG covers up to 50% of qualifying ISO 22301 consultation fees for eligible SMEs. ICFC manages your application before project commencement. Integrated IMS engagements (ISO 22301 + ISO 27001) can stack grant funding across both standards.
Check grant eligibility →
ICFC's BCMS audit process — from first call to certificate
Free briefing
Gap analysis
Grant application
Pre-cert audit
CB coordination
Certificate
Chief Risk Officer
Digital bank, Singapore
“ICFC's BIA facilitation identified three single-point dependencies we hadn't recognised — including a critical vendor with no sub-contractor. Certification achieved on first attempt with MAS TRM fully addressed.”
IT Director
Data centre operator
“Achieved ISO 22301 and ISO 27001 dual certification under ICFC's integrated IMS approach — saved over S$30,000 compared to separate engagements. EDG grant covered 50% of total cost.”
FAQs — ISO 22301 BCMS
Start your BCMS certification journey today
Free 30-minute assessment. Honest gap analysis of your BCP maturity against ISO 22301:2019. EDG grant eligibility check. MAS TRM alignment review. No obligation.