What are the critical areas to look at when auditing the business continuity systems and processes of an organisation.
Assign topic to the user
To identify the critical areas to be audited, you must identify which requirements are applicable to your Business Continuity Systems and process, by means of identifying legal requirements, business objectives, and the results of the business impact analysis. Once these issues are identified you should elaborate a checklist to help you cover these issues with proper questions and evidence to be verified.
These articles will provide you a further explanation about preparing for an audit (they focus on ISO 27001, but the concepts are applicable to ISO 22301 as well):
- How to prepare for an ISO 27001 internal audit https://advisera.com/27001academy/blog/2016/07/11/how-to-prepare-for-an-iso-27001-internal-audit/
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/ -for-iso-27001-iso-22301/
These materials will also help you regarding internal audit:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/
Additionally, this toolkit can help you plan and perform an audit compliant with ISO 22301: https://advisera.com/27001academy/iso-27001-22301-internal-audit-documentation-toolkit/
At this page, you can download a free preview of the documents to see how they look and if they can fulfill your needs.
Comment as guest or Sign in
Sep 07, 2020