Difference between revisions of "Audit"

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
 
(16 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px"
 
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px"
|-
 
 
| '''1.''' (BCM) Audit is an independent [[Examining|examination]] of an [[Organization|organization's]] BCM plans, [[Procedure|procedures]], documentation so as to assess compliance with specifications, [[Standards|standards]], contractual agreements, or other criteria.  
 
| '''1.''' (BCM) Audit is an independent [[Examining|examination]] of an [[Organization|organization's]] BCM plans, [[Procedure|procedures]], documentation so as to assess compliance with specifications, [[Standards|standards]], contractual agreements, or other criteria.  
{{Template:BL-A-5Banner}}
+
{{Template:BL-BCM-5Banner}}
 
 
 
'''Notes (1)''': An example is a [[Business_Continuity_Management_(BCM)|Business Continuity Management (BCM)]] audit, it is seen as a method by which procedures and documentation are measured against pre-agreed (BCM) [[Standards|standards]].
 
'''Notes (1)''': An example is a [[Business_Continuity_Management_(BCM)|Business Continuity Management (BCM)]] audit, it is seen as a method by which procedures and documentation are measured against pre-agreed (BCM) [[Standards|standards]].
  
 
'''Notes (2)''': There are three types of audits: [[First_Party_Audit|First Party Audits]] are internal audits. [[Second_Party_Audit|Second Party Audits]] and [[Third_Party_Audit|Third Party Audits]] are external audits.
 
'''Notes (2)''': There are three types of audits: [[First_Party_Audit|First Party Audits]] are internal audits. [[Second_Party_Audit|Second Party Audits]] and [[Third_Party_Audit|Third Party Audits]] are external audits.
  
[http://www.hc-sc.gc.ca/ahc-asc/pubs/_audit-verif/2011-02/index-eng.php Final Audit Report - Business Continuity Planning]<br/>
+
'''Notes (3)''': [http://www.hc-sc.gc.ca/ahc-asc/pubs/_audit-verif/2011-02/index-eng.php Final Audit Report - Business Continuity Planning]
{{BcmBoK 7 CL 2A}}
+
{{Template:BCM Course}}
 +
<br><br>{{BcmBoK 7 CL 2A}}<br><br><br>
 
{{Template:BLCoursesBanner}}
 
{{Template:BLCoursesBanner}}
{{Template: BookMGBCMProgram}}
 
 
 
{{Bcm Institute Source}}
 
{{Bcm Institute Source}}
 
|}
 
|}
  
 
'''2.''' Systematic, independent and documented process for obtaining [[Audit_Evidence|audit evidence]] and evaluating it objectively to determine the extent to which the [[Audit_Criteria|audit criteria]] are fulfilled
 
'''2.''' Systematic, independent and documented process for obtaining [[Audit_Evidence|audit evidence]] and evaluating it objectively to determine the extent to which the [[Audit_Criteria|audit criteria]] are fulfilled
 
+
{{Template: BookMGBCMResponse}}
 
'''''Notes (1)''''': An audit may be an [[Internal_Audit|internal audit]] ([[First_Party_Audit|first party]]) or an external audit ([[Second_Party_Audit|second party]] or [[Third_Party_Audit|third party]]), and it may be a combined audit (combining two or more disciplines).
 
'''''Notes (1)''''': An audit may be an [[Internal_Audit|internal audit]] ([[First_Party_Audit|first party]]) or an external audit ([[Second_Party_Audit|second party]] or [[Third_Party_Audit|third party]]), and it may be a combined audit (combining two or more disciplines).
  

Latest revision as of 02:08, 3 November 2020

1. (BCM) Audit is an independent examination of an organization's BCM plans, procedures, documentation so as to assess compliance with specifications, standards, contractual agreements, or other criteria.

Notes (1): An example is a Business Continuity Management (BCM) audit, it is seen as a method by which procedures and documentation are measured against pre-agreed (BCM) standards.

Notes (2): There are three types of audits: First Party Audits are internal audits. Second Party Audits and Third Party Audits are external audits.

Notes (3): Final Audit Report - Business Continuity Planning



BCMBoK Competency Level
BCMBoK 7: Program Management CL 2A: Intermediate (Audit)



(Source: Business Continuity Management Institute - BCM Institute)

2. Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled

Notes (1): An audit may be an internal audit (first party) or an external audit (second party or third party), and it may be a combined audit (combining two or more disciplines).

Notes (2): "Audit evidence” and “audit criteria” are defined in ISO 19011.

(Source: ISO 22301:2012 – Societal Security – Business Continuity Management Systems - Requirements) - clause 3.2

3. Systematic examination to determine whether activities and related results conform to planned arrangements and whether these arrangements are implemented effectively and are suitable for achieving the organization’s policy and objectives.

(Source: AE/HSC/NCEMA 7000:2012)

4. Audit is a systematic examination to determine whether activities and related results conform to planned arrangements and whether these arrangements are implemented effectively and are suitable for achieving the organization's policy and objectives

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

5. Audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

6. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Business Continuity Institute - BCI)

7. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Australia. A Practitioner's Guide to Business Continuity Management HB292 - 2006 )

 

Related Links