How to Audit Contingency and Business Continuity Plans

Experience suggests that having an improperly conceived or inadequate plan may in many instances be worse that not having one.

How do you determine whether your contingency plan is sound and adequate? The answer is: your organization should conduct an audit of it. This should be preferably done by a different party than the one that was instrumental in conceiving and developing the plan on the grounds of objectivity. It is a simple fact of business life that it is almost impossible for the team that developed the plan to find deficiencies in the plan they authored.

An independent audit of the existing contingency plan is definitely worth the effort. Considering the high cost of developing a contingency plan, serious minded organizations should wisely invest in auditing the contingency plan. The audit could be conducted by an internal audit function or an outside professional service. Your company should identify weakness in their contingency plans before they could be activated.

Areas Covered in the seminar:

• The need for an effective audit of your contingency and business continuity plans
• Purpose and scope of an contingency plan audit
• Approaches to audit contingency and business continuity plans
• A general methodology for auditing contingency plans
• Determining and specifying key "audit" objectives
• Key areas to consider in the audit of your contingency plan
• Should the audit also include an actual or physical test of the contingency plan? If not, what should be an auditor’s role in the actual testing of contingency plan provisions?
• The need for and contents of an audit plan for a contingency plan audit

Who Will Benefit:

• CEOs, CFOs, and line senior executives responsible for company operations
• Corporate and internal audit executives, internal and information system auditors
• Executives responsible for preserving business continuity
• Contingency planning and emergency preparedness professionals
• CIOs, CFOs and any C-level executive that vitally depends on their ability to recover from disasters
• External auditors and consultants in risk management and contingency planning
• IT and quality assurance professionals
• Chief Risk managers and Chief Security Officers (CSOs) and professionals
• Records Management professionals
• Legal Counsel, Human Resources and Public and Community Relations
• Compliance and Regulatory Mandate officers/professionals

Instructor Profile:

Javier Kuong, has over 25 years of management, consulting lecturing and development experience in the Corporate Governance, Management, Business Continuity, IT Compliance, Internal Controls, Risk Management as an executive, international consultant, lecturer and author of over 40 books and manuals on these topics.

He has held positions as a CIO and Systems manager for industrial companies and as a senior consulting manager for a major CPA firm where he conducted many audits of contingency plans. He is the founder of Management Advisory Services & Publications (MASP) and the Contingency Planning & Recovery Institute that specializes in business continuity. He has authored many practitioners’ books on contingency planning, disaster recovery and business continuity and is the editor of the Contingency Planning & Recovery Journal, now in its 21st year of publication.

Follow us :