Difference between revisions of "Audit"

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
m
 
(33 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 
 
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px"
 
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px"
|-
 
 
| '''1.''' (BCM) Audit is an independent [[Examining|examination]] of an [[Organization|organization's]] BCM plans, [[Procedure|procedures]], documentation so as to assess compliance with specifications, [[Standards|standards]], contractual agreements, or other criteria.  
 
| '''1.''' (BCM) Audit is an independent [[Examining|examination]] of an [[Organization|organization's]] BCM plans, [[Procedure|procedures]], documentation so as to assess compliance with specifications, [[Standards|standards]], contractual agreements, or other criteria.  
[[File:WCCSG 2016 VerticalBanner.jpg|thumb|WCCSG 2016 VerticalBanner.jpg]] '''Notes (1)''': An example is a [[Business_Continuity_Management_(BCM)|Business Continuity Management (BCM)]] audit, it is seen as a method by which procedures and documentation are measured against pre-agreed (BCM) [[Standards|standards]].
+
{{Template:BL-BCM-5Banner}}
 +
'''Notes (1)''': An example is a [[Business_Continuity_Management_(BCM)|Business Continuity Management (BCM)]] audit, it is seen as a method by which procedures and documentation are measured against pre-agreed (BCM) [[Standards|standards]].
  
 
'''Notes (2)''': There are three types of audits: [[First_Party_Audit|First Party Audits]] are internal audits. [[Second_Party_Audit|Second Party Audits]] and [[Third_Party_Audit|Third Party Audits]] are external audits.
 
'''Notes (2)''': There are three types of audits: [[First_Party_Audit|First Party Audits]] are internal audits. [[Second_Party_Audit|Second Party Audits]] and [[Third_Party_Audit|Third Party Audits]] are external audits.
  
[http://www.hc-sc.gc.ca/ahc-asc/pubs/_audit-verif/2011-02/index-eng.php Final Audit Report - Business Continuity Planning]<br/> [[File:BCM Institute.jpg|thumb|left|100px|BCM Institute.jpg]]<br/> <br/> {{BcmBoK 7 CL 2A}}<br/> <br/> <br/> <br/> <br/> &nbsp;
+
'''Notes (3)''': [http://www.hc-sc.gc.ca/ahc-asc/pubs/_audit-verif/2011-02/index-eng.php Final Audit Report - Business Continuity Planning]
 
+
{{Template:BCM Course}}
[[File:A Managers Guide to Auditing v1.1.jpg|thumb|left|140px|'''A Manager's Guide to Auditing and Reviewing Your Business Continuity Management Program''' (2009)]]<br/> '''Courses: ISO 22301 BCMS Audit'''
+
<br><br>{{BcmBoK 7 CL 2A}}<br><br><br>
 
+
{{Template:BLCoursesBanner}}
*Attend: [http://www.bcm-institute.org/courses/iso-22301-bcms-auditor BCM-8030: ISO 22301 BCMS Auditor] leading to [http://www.bcm-institute.org/certification/business-continuity-certified-auditor-bcca BCCA]
 
*Attend: [http://www.bcm-institute.org/courses/iso-22301-bcms-lead-auditor BCM-8530: ISO 22301 BCMS Lead Auditor] leading to [http://www.bcm-institute.org/certification/business-continuity-certified-lead-auditor-bccla BCCLA]
 
 
 
'''Courses: BCM Certification'''
 
 
 
*Attend: [http://www.bcm-institute.org/courses/iso-22301-business-continuity-management-systems-bcms-planner BCM-230: ISO22301 BCMS Planner] leading to [http://www.bcm-institute.org/certification/business-continuity-certified-planner-bccp BCCP]
 
*Attend: [https://www.bcm-institute.org/courses/business-continuity-management-courses-2/business-continuity-management-certification-courses/bcm-300-iso-22301-business-continuity-management-system-implementer/ BCM-300: ISO22301 BCMS Implementer] leading to [http://www.bcm-institute.org/certification/business-continuity-certified-specialist-bccs BCCS]
 
*Attend: [http://www.bcm-institute.org/courses/iso-22301-business-continuity-management-systems-bcms-manager BCM-400: ISO22301 BCMS Manager] leading to [http://www.bcm-institute.org/certification/business-continuity-certified-expert-bcce BCCE]
 
*Attend: [https://www.bcm-institute.org/courses/business-continuity-management-courses-2/business-continuity-management-certification-courses/bcm-5000-iso-22301-business-continuity-management-system-expert-implementer/ BCM-5000: ISO22301 BCMS Expert Implementer] leading to [http://www.bcm-institute.org/certification/business-continuity-certified-expert-bcce BCCE]
 
 
 
 
{{Bcm Institute Source}}
 
{{Bcm Institute Source}}
 
 
|}
 
|}
  
 
'''2.''' Systematic, independent and documented process for obtaining [[Audit_Evidence|audit evidence]] and evaluating it objectively to determine the extent to which the [[Audit_Criteria|audit criteria]] are fulfilled
 
'''2.''' Systematic, independent and documented process for obtaining [[Audit_Evidence|audit evidence]] and evaluating it objectively to determine the extent to which the [[Audit_Criteria|audit criteria]] are fulfilled
 
+
{{Template: BookMGBCMResponse}}
 
'''''Notes (1)''''': An audit may be an [[Internal_Audit|internal audit]] ([[First_Party_Audit|first party]]) or an external audit ([[Second_Party_Audit|second party]] or [[Third_Party_Audit|third party]]), and it may be a combined audit (combining two or more disciplines).
 
'''''Notes (1)''''': An audit may be an [[Internal_Audit|internal audit]] ([[First_Party_Audit|first party]]) or an external audit ([[Second_Party_Audit|second party]] or [[Third_Party_Audit|third party]]), and it may be a combined audit (combining two or more disciplines).
  
Line 61: Line 49:
 
*[http://www.aicpa.org The American Institute of Certified Public Accountants (AICPA)]  
 
*[http://www.aicpa.org The American Institute of Certified Public Accountants (AICPA)]  
  
[[Category:Pages with broken file links]] [[Category:BCM Institute Audit Glossary]] [[Category:BcmBoK 7 CL 2A]]
+
[[Category:BCM Institute Audit Glossary]] [[Category:BCM Institute Cyber Security Glossary]] [[Category:BcmBoK 7 CL 2A]]

Latest revision as of 02:08, 3 November 2020

1. (BCM) Audit is an independent examination of an organization's BCM plans, procedures, documentation so as to assess compliance with specifications, standards, contractual agreements, or other criteria.

Notes (1): An example is a Business Continuity Management (BCM) audit, it is seen as a method by which procedures and documentation are measured against pre-agreed (BCM) standards.

Notes (2): There are three types of audits: First Party Audits are internal audits. Second Party Audits and Third Party Audits are external audits.

Notes (3): Final Audit Report - Business Continuity Planning



BCMBoK Competency Level
BCMBoK 7: Program Management CL 2A: Intermediate (Audit)



(Source: Business Continuity Management Institute - BCM Institute)

2. Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled

Notes (1): An audit may be an internal audit (first party) or an external audit (second party or third party), and it may be a combined audit (combining two or more disciplines).

Notes (2): "Audit evidence” and “audit criteria” are defined in ISO 19011.

(Source: ISO 22301:2012 – Societal Security – Business Continuity Management Systems - Requirements) - clause 3.2

3. Systematic examination to determine whether activities and related results conform to planned arrangements and whether these arrangements are implemented effectively and are suitable for achieving the organization’s policy and objectives.

(Source: AE/HSC/NCEMA 7000:2012)

4. Audit is a systematic examination to determine whether activities and related results conform to planned arrangements and whether these arrangements are implemented effectively and are suitable for achieving the organization's policy and objectives

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

5. Audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

6. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Business Continuity Institute - BCI)

7. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Australia. A Practitioner's Guide to Business Continuity Management HB292 - 2006 )

 

Related Links