Operational Resilience Audit

Posts about:

audit (8)

audit, Operational Resilience

ORA [Plan] Questionnaires: Analyse Gap Concentration Risk

Jun 15, 2023 5:52:57 PM

Analyse the Gap: Concentration Risk

OR_Plan_Update Diagram

What is Concentration Risk?

Concentration Risk refers to the vulnerability and potential impact that arises from a significant dependence or concentration of critical operations, resources, or dependencies within an organization.

It occurs when there is an overreliance on a single point of failure or a limited number of entities, systems, or processes that, if disrupted, could significantly impact the organization's ability to deliver its critical services or functions.

This section is the "Plan" phase of the Operational Resilience Planning Methodology. It is the second stage of the Plan phase: Analyse Gap.

These questions, checklists, and details should help assess the concentration risk and operational resilience measures related to primary-secondary site operation, critical business functions segregation, split team and backup team arrangements cross-training cross-border support, and alternative service provider considerations and requirements of the MAS BCM Policy.

Audit Checklist for Analysing the Gap: Concentration Risk

1. Primary-Secondary Site Operation

Are primary and secondary sites geographically distant enough to mitigate the impact of a localised event?
Is there a documented plan for transitioning operations from primary to secondary sites?
Has the secondary site been tested for readiness and functionality?
Are the necessary infrastructure and resources available at the secondary site?
Are there redundant systems in place to ensure seamless operations during the transition?

Checklist

Verify if the primary and secondary sites are geographically distant enough to mitigate localised events.
Review the documented plan for transitioning operations from primary to secondary sites.
Assess if the secondary site has been tested for readiness and functionality.
Verify the availability of necessary infrastructure and resources at the secondary site.
Assess the presence of redundant systems to ensure seamless operations during the transition.

2. Critical Business Functions Segregation

Are critical business functions identified and documented?
Is there segregation of critical business functions across different locations?
Have dependencies between critical business functions been assessed and addressed?
Is there a contingency plan to maintain critical business functions during disruption at one location?
Are there regular tests or drills to validate the effectiveness of critical business function segregation?

Checklists

Determine if critical business functions have been identified and documented.
Assess the segregation of critical business functions across different locations.
Review the assessment and addressing of dependencies between critical business functions.
Verify the existence of a contingency plan to maintain critical business functions in case of disruption at one location.
Assess the regular testing or drills to validate the effectiveness of critical business function segregation.

3. Split Team and Backup Team Arrangements

Are split team arrangements established to ensure business continuity in the event of staff unavailability?
Is there a clear communication plan for coordinating split team operations?
Are backup teams identified and trained to take over in case of primary team unavailability?
Has the effectiveness of split and backup team arrangements been tested in simulated scenarios?
Are there documented procedures for transitioning between primary and backup teams?

Checklists

Verify the establishment of split team arrangements to ensure business continuity during staff unavailability.
Assess the presence of a clear communication plan for coordinating split team operations.
Review the identification and training of backup teams to take over in case of primary team unavailability.
Verify the testing of the split team and backup team arrangements in simulated scenarios.
Assess the availability of documented procedures for transitioning between primary and backup teams.

4. Cross-Training

Are employees cross-trained to perform multiple roles within critical business functions?
Is a training program in place to ensure employees have the necessary skills for cross-functional roles?
Are cross-training records maintained for tracking employee capabilities?
Is cross-training periodically tested or validated through drills or exercises?
Are there escalation procedures in place to address skill gaps during disruptions?

Checklists

Determine if employees are cross-trained to perform multiple roles within critical business functions.
Assess the presence of a training program to ensure employees have the necessary skills for cross-functional roles.
Review the maintenance of cross-training records for tracking employee capabilities.
Verify the periodic testing or validation of cross-training through drills or exercises.
Assess the presence of escalation procedures to address skill gaps during disruptions.

5. Cross-Border Support

Are there dependencies on systems, processes, or resources located in other countries?
Are the risks associated with cross-border dependencies identified and assessed?
Is there a contingency plan in place to address disruptions in cross-border support?
Have legal, regulatory, or compliance considerations related to cross-border operations been addressed?
Are there alternative arrangements or redundancies for critical cross-border dependencies?

Checklists

Determine if there are dependencies on systems, processes, or resources in other countries.
Assess the identification and assessment of risks associated with cross-border dependencies.
Verify the presence of a contingency plan to address disruptions in cross-border support.
Review addressing legal, regulatory, or compliance considerations related to cross-border operations.
Assess the presence of alternative arrangements or redundancies for critical cross-border dependencies.

6. Alternative Service Provider

Are alternative service providers identified for critical business functions?
Have due diligence assessments been conducted for alternative service providers?
Is there a documented plan for transitioning to alternative service providers during disruptions?
Are contractual agreements with alternative service providers in place and up to date?
Has the feasibility and effectiveness of alternative service providers been tested or validated?

Checklists

Do note that some steps may overlap or appear similar in the other stages of the OR planning phases. If this occurs, the questionnaires and checklists must be contextualised to the topic under review.


Questionnaires and Checklist "Plan" Phase	Assess Capability and Maturity	Analyse Gap	Develop Strategy Roadmap	Confirm Risk Appetite	Develop and Embed Governance

Find out more about Blended Learning ORA-5000 [BL-ORA-5] & ORA-300 [BL-ORA-3]

Please feel free to send us a note if you have any of these questions.

Moh Heng Goh

audit, Operational Resilience

Table of Content for Operational Resilience Audit and Review [Cross Reference to MAS BCM Guidelines]

Jun 15, 2023 2:14:00 PM

Operational Resilience Audit Questionnaires and Checklist

Operational Resilience Planning Methodology

Operational Resilience Planning Methodology. The three phases are "Plan", "Implement", and "Sustain." Each phase has five stages.

Click each of the five stages within each phase to find out more about the detailed questions to be asked and the checklist supports it. Note that there is overlap for some of the stages in terms of content.

The rationale is that you, as a reviewer or auditor, will not be conducting the audit of review for all three phases together, and hence, the key controls are still needed to be embedded in several stages.

Click the icon on the right to access MAS BCM Guidelines.


Questionnaires and Checklist "Plan" Phase	Assess Capability and Maturity	Analyse Gap	Develop Strategy Roadmap	Confirm Risk Appetite	Develop and Embed Governance

		5. Concentration Risk			7. Responsibilities of Board and Senior Management


Questionnaires and Checklist "Implement" Phase	Identify Critical Business Services	Map Processes and Resources	Set Impact Tolerance	Conduct Scenario Testing	Improve Lesson Learnt

	2 Critical Business Services and Functions	4. Dependency Mapping	3. Service Recovery Time Objectives	7. Testing	6. Continous Review and Improvement


Questionnaires and Checklist "Sustain" Phase	Introduce Cultural Change	Develop Communication Strategy	Implement Training and Awareness	Provide Self-assessment	Conduct Independent Quality Review

	7. Responsibilities of Board and Senior Management	9. Incident and Crisis Management (Communication with staff and Stakeholders)			8. Audit

Find out more about Blended Learning BCM-8530 [BL-A-5] & BCM-8030 [BL-A-3]

Please feel free to send us a note if you have any of these questions.

Moh Heng Goh

audit

ORA [Sustain] Questionnaires: Implement Training and Awareness

Jun 8, 2023 6:32:01 PM

Implement Training and Awareness

What is Training and Awareness?

Training is a planned and organized activity to impart operational resilience skills, techniques and methodologies to all staff to assist them in establishing and maintaining their respective OR programs.

Awareness aims to focus attention and create an understanding of fundamental operational resilience concerns. It is knowing or having knowledge of something through alertness or observing or interpolating what with the primary senses.

This section is the "Sustain" phase of the Operational Resilience Planning Methodology. It is the third stage of the Plan phase: Implement Training and Awareness.

Audit Checklist for Implement Training and Awareness

1. Training Program Development

Is there a documented training program for operational resilience?
Are training objectives clearly defined and aligned with operational resilience goals?
Is the training program comprehensive and covers all relevant aspects of operational resilience?
Are training materials current and reflect the latest policies and procedures?
Is there a process for regularly evaluating and updating the training program?

Checklist

Review the documentation of the training program for operational resilience.
Assess the clarity and alignment of training objectives with operational resilience goals.
Evaluate the comprehensiveness of the training program in covering all relevant aspects.
Verify the currency of training materials and their alignment with the latest policies and procedures.
Determine a process for regular evaluation and updating of the training program.

2. Employee Training and Engagement

Have all relevant employees received training on operational resilience?
Is there a mechanism in place to track and monitor employee completion of training
Are there methods to assess the effectiveness of the training program?
Is there employee engagement and participation in operational resilience initiatives
Are there channels for employees to provide feedback and suggestions for improving
operational resilience?

Checklist

Verify that all relevant employees have received training on operational resilience.
Assesses a mechanism to track and monitor employee completion of training.
Evaluate the methods used to assess the effectiveness of the training program.
Determine employee engagement and participation in operational resilience initiatives.
Review the channels available for employees to provide feedback and suggestions for improvement.

3. Awareness Campaigns and Communication

Are there regular awareness campaigns to promote operational resilience?
Is there effective communication about operational resilience policies and procedures
Are employees aware of their roles and responsibilities in operational resilience?
Is there clarity in communication regarding incident reporting and escalation procedures?
Are there channels for employees to report concerns and seek clarification on operational resilience matters?

Checklist

Assess the frequency and effectiveness of awareness campaigns promoting operational resilience.
Evaluate the clarity and effectiveness of communication about operational resilience policies and procedures.
Determine employee awareness regarding their roles and responsibilities in operational resilience.
Review the clarity of communication regarding incident reporting and escalation procedures.
Verify the availability of channels for employees to report concerns and seek clarification on operational resilience matters.

4. Training Effectiveness Evaluation

Is there a process to evaluate the effectiveness of the operational resilience training?
Are there metrics and performance indicators to assess the training program's impact?
Are there mechanisms to collect employee feedback regarding the training program?
Is there a process for analyzing training evaluation results and implementing improvements?
Are there mechanisms to track the application of learned knowledge and skills in operational resilience practices?

Checklist

Review the process for evaluating the effectiveness of the operational resilience training.
Assess the availability of metrics and performance indicators to assess the training program's impact.
Determine the existence of mechanisms to collect feedback from employees regarding the training program.
Evaluate the process for analyzing training evaluation results and implementing improvements.
Verify the existence of mechanisms to track the application of learned knowledge and skills in operational resilience practices.


Questionnaires and Checklist "Sustain" Phase	Introduce Cultural Change	Develop Communication Strategy	Implement Training and Awareness	Provide Self-assessment	Conduct Independent Quality Review

More Information About Blended Learning Operational Resilience Audit (ORA) Courses

BCM Institute offers two levels of OR auditing courses: ORA-3 Blended Learning ORA-300 Operational Resilience Audit Specialist and the ORA-5 Blended Learning ORA-5000 Operational Resilience Audit Expert.




	Please feel free to send us a note if you have any questions.

Moh Heng Goh

audit

ORA [Plan] Questionnaires: Develop and Embed Governance

Jun 7, 2023 3:33:24 PM

Develop and Embed Governance

What is Governance?

The need to embed operational resilience in the governance structure is essential.

This will start with the board of directors and senior management, who will actively oversee the organisation’s operational resilience framework concerning its strategy and risk appetite, which empowers them to make the correct investment and risk decisions.

This section is the "Plan" phase of the Operational Resilience Planning Methodology. It is the third stage of the Plan phase: Develop and Embed Governance.

Audit Checklist for Develop and Embed Governance

1. Governance Framework

Is there a documented governance framework in place for operational resilience?
Has the framework been communicated to all relevant stakeholders?
Are roles and responsibilities clearly defined within the governance framework?

Checklist

Review the documented governance framework for operational resilience.
Evaluate if the framework aligns with industry best practices and regulatory requirements.
Assess the framework's effectiveness in providing clear roles, responsibilities, and decision-making authority.
Verify if the governance framework is communicated and understood by relevant stakeholders.
Check if there is a process to review and update the governance framework periodically.

2. Leadership and Accountability

Are senior management and executives actively involved in driving operational resilience?
Is a designated individual or team responsible for overseeing the operational resilience program?
Is there a reporting mechanism for the operational resilience program to senior management and the board?

Checklist

Assess the level of senior management and executive involvement in operational resilience initiatives.
Determine if a designated individual or team oversees and implements the operational resilience program.
Evaluate the communication channels between senior management, the operational resilience team, and other stakeholders.
Verify if there is a process to escalate operational resilience issues to senior management and the board.
Assess the effectiveness of leadership in promoting a culture of operational resilience throughout the organization.

3. Risk Assessment and Management

Has a comprehensive risk assessment been conducted to identify and prioritize operational risks?
Are risk mitigation strategies and controls in place to address identified risks?
Are risk management policies and procedures effectively communicated and implemented?

Checklist

Review the methodology and process used for conducting operational risk assessments.
Evaluate the comprehensiveness and accuracy of the identified risks.
Assess if there are clear risk mitigation strategies and controls in place.
Verify if risk management policies and procedures are effectively communicated and implemented.
Assess the monitoring and reporting mechanisms for identified risks and risk mitigation efforts.

4. Business Impact Analysis (BIA)

Has a BIA been conducted to assess the potential impact of disruptions on critical business processes?
Are the identified critical processes adequately documented?
Are there contingency plans and backup arrangements in place for critical processes?

Checklist

Review the BIA methodology and documentation to ensure it covers critical business processes and dependencies.
Verify if there is a process for identifying and prioritizing critical business processes.
Assess if the BIA adequately addresses the potential impact of disruptions on critical processes.
Evaluate the existence and effectiveness of contingency plans and backup arrangements for critical processes.
Verify if the BIA is periodically updated to reflect organisational operations and risk landscape changes.

5. Incident Response and Recovery

Are there well-defined incident response plans for different types of operational disruptions?
Have tabletop exercises or simulations been conducted to test the effectiveness of the incident response plans?
Is there a process for documenting and reviewing lessons learned from incidents

Checklist

Evaluate the existence and effectiveness of incident response plans for different operational disruptions.
Verify if the incident response plans are regularly tested, reviewed, and updated.
Assess the adequacy of incident escalation and communication procedures.
Review documentation of past incidents, including response actions and lessons learned.
Assess if there is a process for continuous improvement of incident response and recovery capabilities.

6. Testing and Exercising

Has a comprehensive testing program been established to validate the effectiveness of operational resilience measures?
Are different types of tests conducted, such as scenario-based testing, technology testing, or third-party testing?
Are test results documented, reviewed, and acted upon to enhance operationally

Checklist

Assess the comprehensiveness and frequency of testing programs for operational resilience measures.
Review the test types, such as tabletop exercises, simulations, or technology testing.
Evaluate the documentation and remediation processes for identified issues during testing.
Assess if a process exists to capture and implement lessons learned from testing exercises.
Verify if the testing program is periodically reviewed and updated to align with threats and organizational changes.

7. Training and Awareness

Is there an ongoing training program to ensure employees understand their roles and responsibilities related to operational resilience?
Are employees aware of the key risks, controls, and incident response procedures?
Is there a mechanism to assess the effectiveness of training programs?

Checklist

Evaluate the training programs provided to employees on operational resilience.
Assess if employees know their roles and responsibilities related to operational resilience.
Verify if there are training programs specifically tailored for different job roles and functions.
Assess the effectiveness of training programs through employee feedback and assessment mechanisms.
Evaluate the organization's communication channels for disseminating information on operational resilience.

8. Third-Party Management

Are there processes in place to assess the operational resilience of critical third-party vendors and service providers?
Is there ongoing monitoring of third-party resilience and the adequacy of their business continuity plans?
Is there a contingency plan to mitigate risks arising from third-party failures or

Checklist

Assess if there is a process for evaluating and managing the operational resilience of critical third-party vendors and service providers.
Review the documentation of due diligence processes for third-party selection and ongoing monitoring.
Verify if there are contractual requirements for third parties to maintain operational resilience standards.
Assess if there are contingency plans and alternate arrangements to mitigate risks arising from third-party failures.
Review the monitoring and reporting mechanisms for third-party operational resilience.

9. Reporting and Metrics

Are there clear reporting mechanisms to provide regular updates on the status of operational resilience to relevant stakeholders?
Are key performance indicators (KPIs) and metrics defined to measure the effectiveness of operational resilience efforts?
Are reports reviewed and acted upon to drive continuous improvement?

Checklist

Evaluate the reporting mechanisms to provide regular updates on operational resilience to relevant stakeholders.
Assess the adequacy of key performance indicators (KPIs) and metrics to measure operational resilience effectiveness.
Verify if reports are reviewed, acted upon, and used to drive continuous improvement.
Assess the availability and accuracy of data and information used for reporting. e. Evaluate if reporting aligns with regulatory requirements and internal governance expectations.

10. Compliance and Regulatory Requirements

Are there processes to ensure compliance with relevant laws, regulations, and industry standards?
Has the operational resilience program been subjected to external audits or regulatory examinations?
Are there mechanisms to track and address any deficiencies or non-compliance issues identified?

Checklist

Review the organization's processes for identifying and complying with relevant laws, regulations, and industry standards related to operational resilience.
Assess the effectiveness of controls and procedures in place to ensure compliance.
Verify if there is a process for monitoring regulation changes and updating operational resilience practices accordingly.
Assess the documentation and evidence of external audits or regulatory examinations related to operational resilience.
Review any identified deficiencies or non-compliance issues and the subsequent remediation efforts.


Questionnaires and Checklist "Plan" Phase	Assess Capability and Maturity	Analyse Gap	Develop Strategy Roadmap	Confirm Risk Appetite	Develop and Embed Governance

More Information About Blended Learning Operational Resilience Audit (ORA) Courses




	Please feel free to send us a note if you have any questions.

Moh Heng Goh

audit, Operational Resilience

ORA [Plan] Questionnaires: Develop Strategy Roadmap

Jun 7, 2023 3:23:16 PM

Develop Strategy Roadmap

OR_Plan_Update Diagram

What is Strategy Roadmap?

A strategy roadmap is a bridge between strategy and execution. It visualizes the critical outcomes of the operational resilience effort that must be delivered over a particular time horizon to achieve the organisation’s strategic vision.

The outcomes on the strategy roadmap are substantiated by a clear understanding of the organisation’s capabilities; gaps and priorities must be addressed.

This section is the "Plan" phase of the Operational Resilience Planning Methodology. It is the second stage of the Plan phase: Develop Strategy Roadmap.

Audit Checklist for Develop Strategy Roadmap

1. Governance and Leadership

Is there a clear governance structure in place for the operational resilience program?
Are roles and responsibilities for program leadership clearly defined?
Is there senior management oversight and involvement in the program?
Are there mechanisms to escalate and resolve issues related to operational resilience?

Checklist

Establish a clear governance structure with defined roles and responsibilities for operational resilience.
Ensure senior management oversight and involvement in the program.
Develop policies and procedures to support effective governance and decision-making.
Define mechanisms for escalation and resolution of operational resilience issues.

2. Risk Assessment and Identification

Has a comprehensive risk assessment been conducted to identify potential operational risks?
Are all critical business processes and dependencies identified?
Have risk thresholds and impact tolerances been established?
Is there a process to regularly update and reassess risks and dependencies?

Checklist

Develop a standardized risk assessment methodology for identifying and evaluating operational risks.
Ensure all critical business processes, systems, and dependencies are identified.
Establish risk thresholds and impact tolerances to prioritize risks. d. Implement a process for regular risk monitoring and reassessment.

3. Business Impact Analysis

Has a business impact analysis been performed to assess the potential consequences of operational disruptions?
Are critical functions and processes prioritized based on their impact on the organization?
Are recovery time objectives (RTOs) and recovery point objectives (RPOs) defined for critical processes?
Has the impact of interdependencies between processes been considered?

Checklist

Conduct a comprehensive business impact analysis to assess the potential consequences of operational disruptions.
Prioritize critical functions and processes based on their impact on the organization.
Define recovery time objectives (RTOs) and recovery point objectives (RPOs) for critical processes.
Analyze interdependencies between processes to identify potential ripple effects.

4. Strategy Development

Has a strategy roadmap been developed to implement the operational resilience program?
Are there explicit goals and objectives for the program?
Is the strategy aligned with the organization's overall risk management and business continuity plans?
Are resource requirements and budget considerations identified in the strategy?

Checklist

Define the vision, goals, and objectives of the operational resilience program.
Align the strategy with the organization's overall risk management and business continuity plans.
Identify resource requirements, including budget, personnel, and technology.
Develop a roadmap with clear milestones and timelines for implementation.

5. Incident Response and Recovery

Is there an incident response plan for different types of operational disruptions?
b. Are roles and responsibilities clearly defined in the incident response plan?
c. Has the plan been tested and updated regularly?
Is there a process for learning from incidents and improving the operational resilience program?

Checklist

Establish an incident response plan that outlines procedures for responding to and recovering from operational disruptions.
Define roles and responsibilities for incident management, including incident response teams.
Regularly test and update the incident response plan to ensure its effectiveness.
Establish mechanisms for learning from incidents and incorporating improvements into the operational resilience program.

6. Communication and Coordination

Is there a communication plan to ensure effective communication during operational disruptions?
Are stakeholders identified and informed about the operational resilience program?
Is there coordination with external partners, vendors, and regulators during incidents?
Are there mechanisms to provide timely updates to stakeholders and manage their expectations?

Checklist

Define the vision and objectives of the operational resilience program.
Conduct a thorough assessment of the current state of operational resilience.
Identify key stakeholders and establish communication channels.
Develop a governance structure with clear roles and responsibilities.
Define risk assessment methodologies and criteria.
Perform a comprehensive risk assessment and document the findings.
Conduct a business impact analysis to prioritize critical functions and processes.
Develop recovery strategies and plans for critical processes.
Identify resource requirements and budget considerations.
Establish performance metrics and key performance indicators (KPIs) for measuring progress.
Develop an incident response plan with clear escalation procedures.
Test and validate the incident response plan through simulations and drills.
Develop a communication plan for internal and external stakeholders.
Establish mechanisms for ongoing monitoring and reporting of operational resilience.
Regularly review and update the strategy roadmap to incorporate lessons learned and evolving risks.


Questionnaires and Checklist "Plan" Phase	Assess Capability and Maturity	Analyse Gap	Develop Strategy Roadmap	Confirm Risk Appetite	Develop and Embed Governance

Find out more about Blended Learning ORA-5000 [BL-ORA-5] & ORA-300 [BL-ORA-3]

Please feel free to send us a note if you have any of these questions.

Moh Heng Goh

Operational Resilience Audit

audit (8)

ORA [Plan] Questionnaires: Analyse Gap Concentration Risk

hbspt.cta._relativeUrls=true;hbspt.cta.load(3893111, '7341550b-2a0b-49e3-8c83-4dce92ec089c', {"useNewLoader":"true","region":"na1"});

Analyse the Gap: Concentration Risk

What is Concentration Risk?

Audit Checklist for Analysing the Gap: Concentration Risk

1. Primary-Secondary Site Operation

2. Critical Business Functions Segregation

3. Split Team and Backup Team Arrangements

4. Cross-Training

5. Cross-Border Support

6. Alternative Service Provider

Find out more about Blended Learning ORA-5000 [BL-ORA-5] & ORA-300 [BL-ORA-3]

Table of Content for Operational Resilience Audit and Review [Cross Reference to MAS BCM Guidelines]

hbspt.cta._relativeUrls=true;hbspt.cta.load(3893111, '1e7be263-03e2-4f94-9204-8c10f0ab9988', {"useNewLoader":"true","region":"na1"});

Operational Resilience Audit Questionnaires and Checklist

Find out more about Blended Learning BCM-8530 [BL-A-5] & BCM-8030 [BL-A-3]

ORA [Sustain] Questionnaires: Implement Training and Awareness

hbspt.cta._relativeUrls=true;hbspt.cta.load(3893111, 'd9091de7-7d46-44a7-b58b-dfc7cc1401cd', {"useNewLoader":"true","region":"na1"});

Implement Training and Awareness

What is Training and Awareness?

Audit Checklist for Implement Training and Awareness

1. Training Program Development

2. Employee Training and Engagement

3. Awareness Campaigns and Communication

4. Training Effectiveness Evaluation

More Information About Blended Learning Operational Resilience Audit (ORA) Courses

ORA [Plan] Questionnaires: Develop and Embed Governance

hbspt.cta._relativeUrls=true;hbspt.cta.load(3893111, '7341550b-2a0b-49e3-8c83-4dce92ec089c', {"useNewLoader":"true","region":"na1"});

Develop and Embed Governance

What is Governance?

Audit Checklist for Develop and Embed Governance

1. Governance Framework

2. Leadership and Accountability

3. Risk Assessment and Management

4. Business Impact Analysis (BIA)

5. Incident Response and Recovery

6. Testing and Exercising

7. Training and Awareness

8. Third-Party Management

9. Reporting and Metrics

10. Compliance and Regulatory Requirements

More Information About Blended Learning Operational Resilience Audit (ORA) Courses

ORA [Plan] Questionnaires: Develop Strategy Roadmap

hbspt.cta._relativeUrls=true;hbspt.cta.load(3893111, '7341550b-2a0b-49e3-8c83-4dce92ec089c', {"useNewLoader":"true","region":"na1"});

Develop Strategy Roadmap

What is Strategy Roadmap?

Audit Checklist for Develop Strategy Roadmap

1. Governance and Leadership

2. Risk Assessment and Identification

3. Business Impact Analysis

4. Strategy Development

5. Incident Response and Recovery

6. Communication and Coordination

Find out more about Blended Learning ORA-5000 [BL-ORA-5] & ORA-300 [BL-ORA-3]