ISO 22320-2018 PDF

Full title and description

Security and resilience — Emergency management — Guidelines for incident management. This International Standard provides guidance on principles, processes and structures to support effective incident management for single organizations and for multi‑agency or cross‑border cooperation.

Abstract

ISO 22320:2018 gives guidelines for incident management including core principles (purpose and value of incident management), the basic components of incident management (processes, structure, roles, responsibilities, tasks and resource management) and mechanisms to enable organisations to work together through joint direction and cooperation. It is intended for any organisation involved in responding to incidents of any type and scale.

General information

• Status: Published / International Standard (confirmed).
• Publication date: 5 November 2018.
• Publisher: International Organization for Standardization (ISO).
• ICS / categories: 03.100.01 (Societal security / emergency management).
• Edition / version: Edition 2 (2018).
• Number of pages: 20 pages.

The items above are drawn from ISO's bibliographic details for the 2018 edition and its lifecycle notes.

Scope

ISO 22320:2018 applies to any organisation involved in incident preparedness or response — public, private or non‑profit — and is written to be used by a single organisation or by two or more organisations that choose to work together while retaining their own structures or forming a combined structure. The standard is all‑hazards in approach and focuses on enabling coordination, clear roles and responsibilities, timely operational information and cooperative decision‑making.

Key topics and requirements

• Core principles for incident management (e.g., life and dignity, unity of command, working together, all‑hazards approach, safety, flexibility, continual improvement).
• Incident management process: situation assessment, objective setting, planning, tasking and monitoring.
• Incident management structure: defined roles and single‑supervisor reporting lines, responsibilities and functional tasks.
• Information management and a common operational picture to support timely, relevant and actionable situational awareness.
• Coordination and cooperation mechanisms for multi‑agency and cross‑border response, including shared communications and decision‑making processes.
• Resource management and tasking (including prioritization and allocation of personnel, equipment and information resources).
• Interoperability, communication protocols and procedures to support joint working and mutual support.
• Supportive guidance and annexes offering example structures, tasks and planning considerations to assist implementation.

These topics reflect the standard's operational focus and are summarized from the ISO text and standardization commentaries.

Typical use and users

Used by emergency services, civil protection agencies, local/regional/national governments, health services, utilities and critical infrastructure operators, NGOs and private‑sector organisations involved in resilience, business continuity and incident response. Typical users include incident commanders, emergency planners, interoperability coordinators, exercise designers and public safety policy makers who need interoperable, objective‑driven incident management arrangements.

Related standards

Commonly referenced and complementary standards include ISO 22300 (security and resilience — vocabulary), ISO 22301 (business continuity management), ISO 31000 (risk management), ISO 22316 (organizational resilience), ISO 22395 (support to vulnerable persons) and related technical guidance in the ISO 223xx family. Implementers often use ISO 22320 alongside national emergency management frameworks and operational interoperability standards.

Keywords

Incident management, emergency management, crisis coordination, command and control, common operational picture, interoperability, information management, resource management, multi‑agency cooperation, resilience.

FAQ

Q: What is this standard?

A: ISO 22320:2018 is an International Standard that provides guidelines for incident management to support effective, coordinated response and cooperation between organisations.

Q: What does it cover?

A: It covers principles, the incident management process, incident management structures (roles and responsibilities), information and resource management, and mechanisms for multi‑agency working and interoperability. It is an operational, guidance‑focused standard rather than a detailed technical specification.

Q: Who typically uses it?

A: Emergency responders, civil protection bodies, government planners, utilities and infrastructure operators, NGOs, and private‑sector resilience and continuity teams use ISO 22320 to design or improve incident command, coordination and information‑sharing arrangements.

Q: Is it current or superseded?

A: The 2011 edition (ISO 22320:2011) was withdrawn and replaced by ISO 22320:2018 (Edition 2). The 2018 edition is published and was confirmed in its review cycle; implementers should check ISO national bodies for any later amendments or national adoptions, but as published the 2018 edition is the active international text.

Q: Is it part of a series?

A: Yes — ISO 22320 is part of the ISO 223xx family addressing security, societal resilience and emergency management; it is commonly used alongside ISO 22300 (vocabulary), ISO 22301 (business continuity) and related guidance standards.

Q: What are the key keywords?

A: Incident management, emergency management, command and control, interoperability, common operational picture, information management, resource management, multi‑agency coordination, resilience.