Audit

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
1. (BCM) Audit is an independent examination of an organization's BCM plans, procedures, documentation so as to assess compliance with specifications, standards, contractual agreements, or other criteria.
BL-B-5 Click to know more

Notes (1): An example is a Business Continuity Management (BCM) audit, it is seen as a method by which procedures and documentation are measured against pre-agreed (BCM) standards.

Notes (2): There are three types of audits: First Party Audits are internal audits. Second Party Audits and Third Party Audits are external audits.

Notes (3): Final Audit Report - Business Continuity Planning

BCM Institute's Professional Training and Certification



BCMBoK Competency Level
BCMBoK 7: Program Management CL 2A: Intermediate (Audit)



Click to know more about expert level training

(Source: Business Continuity Management Institute - BCM Institute)

2. Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled

A Manager’s Guide to Business Continuity Management for Cybersecurity Incident Response

Notes (1): An audit may be an internal audit (first party) or an external audit (second party or third party), and it may be a combined audit (combining two or more disciplines).

Notes (2): "Audit evidence” and “audit criteria” are defined in ISO 19011.

(Source: ISO 22301:2012 – Societal Security – Business Continuity Management Systems - Requirements) - clause 3.2

3. Systematic examination to determine whether activities and related results conform to planned arrangements and whether these arrangements are implemented effectively and are suitable for achieving the organization’s policy and objectives.

(Source: AE/HSC/NCEMA 7000:2012)

4. Audit is a systematic examination to determine whether activities and related results conform to planned arrangements and whether these arrangements are implemented effectively and are suitable for achieving the organization's policy and objectives

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

5. Audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

6. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Business Continuity Institute - BCI)

7. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Australia. A Practitioner's Guide to Business Continuity Management HB292 - 2006 )

 

Related Links