Auditing Business Continuity Management

BCM Questionnaires 3: Risk Analysis and Review

Written by Moh Heng Goh | Jul 7, 2021 8:49:20 AM

Risk Analysis and Review

A Risk Analysis and Review, or RAR identifies existing risks and threats that the business organization is exposed to, especially with respect to its geographic location, processes and procedures.

Threat Identification

There are many threats that can disrupt an organization's business operations. The identification and evaluation of threats are necessary to prepare the prevention and recovery procedures.

  • Have preventative measures that are required been identified?
  • Have previously unnoticed vulnerabilities that need to be addressed by the BC Plan and procedures been highlighted?
  • Are the staff members aware of the threats to the organization?
  • Have cost-sharing options or controls for threat prevention been identified?
  • Has the organization identified its threats?
  • Are the threats categorized?
    • Water
    • Fire
    • Service Failure
    • Mechanical breakdown or software failure
    • Accidental or deliberate damage to property and assets
    • Personal problems
    • Environmental/ facility-wide damage
  • Has the organization identified threats from both internal and external sources, such as natural, man-made, and technological disasters?
  • Has the organization assessed the impact and probability of such Threat occurrences?
  • Has a cost/benefits analysis been undertaken in respect of the identified threats?
  • What controls/safeguards have been established to mitigate against the effects of identified threats?
  • Has the effectiveness of controls and safeguards been reviewed?
  • Has the Key Disaster Scenario been identified and approved by the Executive Management?

 

Resource

Goh, M. H. (2016). A Manager's Guide to Auditing and Reviewing Your Business Continuity Management Program. Business Continuity Management Series (2nd ed.). Singapore: GMH Pte Ltd.

Extracted from "BCM Questionnaires 3: Risk Analysis and Review"

 

Singapore Government Funding for BCM-8530 Course

The next section applied to Singaporean and Singapore permanent residents.  Click the button "Government Funding Available" to find out more about the funding that is available from the Singapore government.  This includes the CITREP+, SkillsFuture Credit and UTAP.

 

Find out more about Blended Learning BCM-8530 [BL-A-5] & BCM-8030 [BL-A-3]

Please feel free to send us a note if you have any of these questions to sales.ap@bcm-institute.org