Auditing Business Continuity Management

Audit Opinion and Reporting

Written by Moh Heng Goh | Sep 17, 2020 1:46:21 PM

Executive Summary

This is a sample of a BCM audit report

Introduction

An audit of ......... was conducted from....... to...... in accordance with ISO22301 BCMS standards and was based on the Terms of Reference agreed with the Executive Management prior to the audit, a copy of which is in the appendix.

Reporting officer to give a brief (say four lines) comment on the business history, local environment, city/country or recent developments at the unit - anything pertinent.

Objectives And Scope

The key objectives of the BCM Audit are to ascertain that line management had identified the risks associated with the business; measures had been taken to ensure the required preventative procedures were in place; and the organization’s staff and assets were adequately protected in accordance with the BCM standards and guidelines laid down. In particular, reassurance was sought that control objectives relating to safeguarding, valuation, recording and reporting procedures were being achieved.

The Audit covered the premises of the organization at the location(s) stated and focused on key risks and controls.

Recommendations For Improved Controls  

Reporting officer to provide comments on areas where the organization’s standards were not being met, as well as any other areas of concern.

Areas Of Good Practice

The reporting officer (auditor) to comment on any areas of good practice, which might possibly be migrated to other units.

Conclusion (Conformity)

Reporting officer to make brief comments on the overall BCM standards of the areas audited e.g.

  • Were the standards observed good?
  • Were the standards observed satisfactory?
  • Were the standards observed poor?
  • Was there a mix?

Give justifications when commenting.

Matters arising from the Audit are attached. Please review them and arrange for copies to be returned to ………. by (say six weeks) confirming action taken by the line management.

Comments regarding minor matters will be advised directly to the appropriate line management for action and do not require any response.

This report is not intended for general circulation and may only be copied by the subject units for monitoring purposes.

 

Signed

 

Signed

Name

 

Name

Issued ...........

Report on Audit of ...........

  • Matters Arising
  • Findings
  • Implications 
  • Recommendations
  • Management Reaction

Resource

Goh, M. H. (2016). A Manager's Guide to Auditing and Reviewing Your Business Continuity Management Program. Business Continuity Management Series (2nd ed.). Singapore: GMH Pte Ltd.

Extracted from "Appendix 11 - Audit Opinion and Reporting"

 

Singapore Government Funding for BCM-8530 Course

The next section applied to Singaporean and Singapore permanent residents.  Click button "Government Funding Available" to find out more about the funding that is available from the Singapore government.  This include the CITREP+, SkillsFuture Credit and UTAP.

 

Find out more about Blended Learning BCM-8530 [BL-A-5] & BCM-8030 [BL-A-3]

Please feel free to send us a note if you have any of these questions to sales.ap@bcm-institute.org
View full post