Governance is the Business Continuity Management initiative that acts as a regulatory system
controlling an organization and its activities. Governance refers to the set of policies, processes, roles,
and responsibilities that define how an organization is directed and managed. Governance ensures
that the organization’s objectives, strategies, and operations are aligned with the expectations and
needs of its stakeholders, such as customers, employees, regulators, and shareholders. Governance
also provides oversight and accountability for the organization’s performance, risks, compliance, and
continuity.
Business Continuity Management (BCM) is a key component of governance, as it enables the
organization to protect its critical assets and functions, and to respond to and recover from disruptive
incidents. BCM helps the organization maintain its reputation, resilience, and value in the face of
uncertainty and crisis. BCM also supports the organization’s compliance with relevant laws,
regulations, standards, and best practices, such as ISO 22301, the international standard for business
continuity management systems.
Therefore, governance is the Business Continuity Management initiative that acts as a regulatory
system controlling an organization and its activities, by providing direction, oversight, and
accountability for the organization’s continuity and resilience.
References:
ISO 22301 Auditing eBook, Chapter 1: Introduction to Business Continuity Management, Section 1.1: What is Business Continuity Management?, Page 4
ISO 22301 Auditing eBook, Chapter 2: Introduction to ISO 22301, Section 2.1: What is ISO 22301?, Page 9
ISO 22301 Auditing eBook, Chapter 3: Business Continuity Management System, Section 3.1: Context of the Organization, Page 13
ISO 22301 Auditing eBook, Chapter 3: Business Continuity Management System, Section 3.2: Leadership, Page 16