Customers expect organizations to plan and prepare for unforeseen events. Through an effective Business Continuity Management System (BCMS) based on ISO 22301, organizations can build the resilience and capability to keep operating when unexpected disruptions occur. This increases customer confidence – especially when the effectiveness of the BCMS is independently verified and certified.

To unlock the full potential of the BCMS, your organization must conduct thorough audits of the framework to ensure that it continues to be robust and applicable in crisis situations. You may also want to find out more about independent audits and how they work. Can you lead an audit?

This course will develop the knowledge and skills required to lead a BCMS audit, with emphasis on independent auditing principles and practices. Led by an expert instructor, practical exercises, group activities and class discussions will be used to guide you through the entire audit process from the planning of the audit through to reporting the results.

Course Benefits

• Establish the effectiveness of your BCMS
• Grow customer confidence in your organization
• Gain valuable insight into the operations of your organization
• Manage an audit team
• Prepare for independent audits
• Conduct independent audits
• Develop your ISO 22301 auditing skills and lead auditor expertise

Learning Objectives

Upon completion of this course, participants will be able to:

• Describe the purpose of a business continuity management system, of business continuity management systems standards, of management system audit and of third party certification.
• Explain the role of an auditor to plan, conduct, report and follow up business continuity management system audit in accordance with ISO 19011 (and ISO 17021 where appropriate).
• Plan, conduct, report and follow up an audit of a business continuity management system to establish conformity (or otherwise) with ISO 22301 in accordance with ISO 19011 (and ISO 17021 where appropriate).

Intended Audience

Anyone with responsibility for managing a BCMS audit, including:

• Business continuity, risk, information security, IT and operations managers or consultants
• Internal and external management system auditors and lead auditors who are new to leading a BCMS audit
• People interested in how an independent BCMS audit works

Course Duration

5 days

Prerequisites

• Knowledge of the requirements of ISO 22301 and,
• Knowledge of the following business continuity management principles and concepts:
  • the purpose and benefits of a Business Impact Analysis
  • the principals of risk assessment and analysis
  • typical Business Continuity Strategies
  • business continuity response options
  • BCMS performance metrics, monitoring and performance measurement
  • exercise and testing methodologies

Further Information

This course contains pre-course material and a 2-hour closed-book examination on day 5. A certificate of attendance is awarded to all participants who complete the course. Participants who pass the examination receive additional recognition for this achievement on their certificates.

IRCA Certified Course (A17456)

This course is certified by the International Register of Certificated Auditors (IRCA) and meets the training requirements for IRCA Business Continuity Management Systems (BCMS) Auditor Certification.