Audit

From Business Continuity Management (BCM) and Disaster Recovery (DR) Wiki Glossary

1. Audit is an independent examination of an organization's business continuity or disaster recovery plans, procedures, documentation so as to assess compliance with specifications, standards, contractual agreements, or other criteria. Notes (1): An example is a Business Continuity Management (BCM) audit, it is seen as a method by which procedures and documentation are measured against pre-agreed (BCM) standards. Notes (2): There are three types of audits: First Party Audits are internal audits. Second Party Audits and Third Party Audits are external audits. BCMBoK Competency Level BCMBoK 7: Program Management CL 1: Foundation BCMBoK Competency Level BCMBoK 7: Program Management CL 5: Advanced (DR) BCMBoK Competency Level BCMBoK 7: Program Management CL 6: Intermediate (BCM Audit) BCMBoK Competency Level BCMBoK 7: Program Management CL 7: Advanced (BCM Audit)

(Source: Business Continuity Management Institute - BCM Institute)

2. Audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

3. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Business Continuity Institute - BCI)

4. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Australia. A Practitioner's Guide to Business Continuity Management HB292 - 2006 )

Related Links

• Information Systems Audit and Control Association (ISACA)
• Institute of Internal Auditors (IIA)
• The American Institute of Certified Public Accountants (AICPA)