With the help of the ISO22301 documentation set from Advisera, I am currently preparing an internal audit procedure for the business continuity management system. The checklist includes the following questions:
6.1 Has the organization identified the risks and opportunities relating to the effectiveness of the management system?
6.1 Does the organization plan to deal with the identified risks and opportunities?
6.2 Are the business continuity objectives measurable; are they monitored and updated?
6.2 Are there steps to achieve goals, responsible persons, deadlines, necessary resources?
In which documents from the ISO22301 package does the organization address these questions and meet the requirements of clause 6.1 and 6.2 of the standard?