An Audit Objective is the defined purpose or aim of the BCM Audit process or activity. In reviewing a BC Plan, the BCM Audit objectives are to decide whether:
The Audit Scope determines the extent and range of the activities and the period (months or years) of records that are to be subjected to a BCM Audit examination. These are some of the considerations:
A successful BCM Audit is one that stays within the agreed scope. Often, the Client must be informed of the scope before the start of any audit.
The Audit Criteria is a set of policies, procedures and requirements against which audit evidence is compared. These are samples of audit criteria.
Numerical Categori-zation |
Conclusion on Audit Criteria |
Definition of Conclusion |
1 |
Well Controlled |
Well managed, no material weaknesses noted; and Effective. |
2 |
Controlled |
Well managed, but minor improvements are needed; and effective. |
3 |
Moderate Issues |
It has moderate issues requiring management focus based on at least one of the following two criteria: Control weaknesses, but exposure is limited because likelihood of risk occurring is not high; or, Control weaknesses, but exposure is limited because the impact of the risk is not high. |
Criteria # |
Audit Criteria |
Conclusion on Audit Criteria |
Examples of Key Evidence/ Observation |
1.1 |
Key documents properly articulate the linkages between the program and business unit’s objectives and priorities. |
1 |
The program clearly links the BCM Program and business unit’s objectives. |
1.2 |
A plan has been developed to periodically re-assess the BCM program design and adjusted as required. |
1 |
Periodic evaluations of the Program are planned and conducted. The evaluations have resulted in changes to the design of the Program. |
1.3 |
Expected results are clearly defined, and a plan to measure and demonstrate results is followed. |
1 |
Expected results are included in the BCM Program. Management conducts surveys of recipients and uses the data to demonstrate results. |
1.4 |
Available resources (e.g. human resource, tools) and competencies are reviewed and match those required to deliver the BCM program. |
1 |
The resources required for the BCM program are identified and have been made available. BCM program has low staff turnover, relevant training, and an effective performance management process. |
Goh, M. H. (2016). A Manager's Guide to Auditing and Reviewing Your Business Continuity Management Program. Business Continuity Management Series (2nd ed.). Singapore: GMH Pte Ltd.
Extracted from "Stage 1: Audit Planning and Preparation"
The next section applied to Singaporean and Singapore permanent residents. Click button "Government Funding Available" to find out more about the funding that is available from the Singapore government. This include the CITREP+, SkillsFuture Credit and UTAP.
Please feel free to send us a note if you have any of these questions to sales.ap@bcm-institute.org |