How Catalent Operationalized Business Continuity

John Brewer, Global Director of Security & Business Continuity at Catalent

Global, multi-site pharmaceutical CDMO Centralized BC, DR, and incident response

100+

Automated dependency tracking linking systems, vendors, and facilities

ISO 22301 aligned framework mapped across enterprise processes

25-50%

Significant cost reduction after replacing legacy GRC platform

^Problem

‍Static Plans. Expanding Regulations. Limited Flexibility.

Operating in a highly regulated environment, the organization anchored its resilience program to ISO 22301, while also aligning with SOC 2 and the NIS 2 Directive.

But execution was fragmented. Business continuity plans lived in static documents. Dependencies were tracked in spreadsheets. Their legacy risk platform was rigid and costly — limiting customization as regulatory requirements evolved. The team needed more than documentation. They needed operational resilience.

Q1

^Solution

One Platform. Real-Time Execution.

With SmartSuite, Catalent’s team moved beyond static plans to build a fully ISO 22301–aligned resilience framework that could operate in real time. Structured BIA modules track critical metrics like RTO, RPO, and MTPD, while automated mapping links processes to their dependencies across systems, vendors, and facilities. Version-controlled governance ensures that every plan is accurate, auditable, and up to date.

AI assists in generating recovery activities, suggesting the right steps and priorities, while one-click plan activation automatically notifies the right stakeholders. Built-in testing, after-action reviews, and performance dashboards turn each plan into a living, continuously improving operational tool. The transition was rapid: the team migrated all legacy data in a single day. What was once bound in static documents is now activated, tracked, and optimized in real time.

Q2

^Result

Faster Activation. Stronger Governance. Lower Cost.

SmartSuite transformed Catalent’s business continuity program from a static compliance exercise into a dynamic operational engine. Plans are now executed with real-time visibility, and teams collaborate seamlessly across functions, ensuring responses are swift, coordinated, and auditable. Documentation is fully aligned to ISO 22301, SOC 2, and NIS2 standards, making audits simpler and more reliable.

Beyond operational improvements, the platform drove a significant reduction in costs by replacing a rigid legacy GRC system, giving Catalent both flexibility and scalability to evolve with regulatory requirements.

Q3

How Catalent Operationalized Business Continuity

‍Static Plans. Expanding Regulations. Limited Flexibility.

One Platform. Real-Time Execution.

Faster Activation. Stronger Governance. Lower Cost.

More Customer Stories

Catalent

1

Catalent

51

Sallie Mae

1

Helaba Bank

1

BUCS Engineering

3

Unicontrol

Team scaled 4.6x

UCLA Student Affairs

3x

Apple Bank

5+

Parsons Counseling

1,500+

Andex Kitchens

1

SWAGBOX

3

Roadchef Projects

70%

PlantBasedTreaty

100%

YES Energy Solutions

3

Ville de Pincourt

100s

Waypoint Centre

4+

UPenn Dental CDE

10+

UCLA Anderson

250+

CornholeATL

60+

So Cal Classic Car Storage

50%

Weev

75%

Ratio Christi

70%+

Quality Counts

10+

Office Express

100%

Digital Atelier

3x

ITC Germany Prod

100+

F AIR

20+

Food Truck League

700+

Georgetown University

4+

CryoFuture

1

Cryogenic Industrial Solutions

10s

CEI

100+

Collectie Overijssel

50%

Enablence Technologies

5 days

Analytic Vizion

90%

Canterbury Consulting

25%

BrigaCare

1,000

Brightways