DescriptionThis course provides education, hands-on experience using a case study, and a guide to perform audits of business continuity management systems and programs using ISO 22301, 2019 edition.Auditing business continuity management systems using a recognized international standard is the best method to identify opportunities to enhance and improve performance. Auditing supplier business continuity management systems is a requirement for some industries and for organizations that have certified, or are seeking certification of, their business continuity management systems and programs. Auditing is also a must for organizations seeking to identify the resiliency of critical suppliers, those with low tolerance for risk, and those seeking to enhance organizational resilience.DRI’s ISO 22301 audit course is designed for business continuity professionals, risk managers, internal auditors, and consultants. The course provides the foundation for auditing — the collection of evidence using interviews, reviewing documents, and surveying properties, as well as the use of ISO 22301 as criteria to evaluate each aspect of a business continuity management system (BCMS).The course begins with the basics of auditing using ISO standards and the Institute of Internal Auditor’s International (IIA) Professional Practices Framework. Students will learn how to develop an audit work plan beginning with assembling a team, research applicable requirements, request documents for review, and schedule site surveys and interviews.An overview of ISO 22301 is followed by 10 lessons providing clause-by-clause explanations of the standard’s BCMS requirements, auditing techniques, and evidence of conformity. Each lesson includes interactive class activities and hands-on auditing of a hypothetical company using ISO 22301 as criteria. Students compile audit findings during each of these lessons.The course wraps up with a hands-on lesson on report writing, including an extended class activity with students organizing findings from all lessons, prioritizing their recommendations, developing an auditor’s opinion on conformity of the case study BCMS to ISO 22301, and presenting their opinion and recommendations to the instructor.Course materials include a comprehensive audit guide for student use when preparing for and conducting an audit. The audit guide identifies documents to review, people to interview, questions to ask, regulations, best practices, and more in-depth guidance. A practice exam that is the subject of the final class lesson is also provided to prepare students for the qualifying exam.Topic areas:- Business continuity management system (BCMS) as defined by ISO 22301, 2019- Context of the organization, leadership, risk assessment, business impact analysis, business continuity plans, competence, exercise program, - performance evaluation, and improvement
- Auditing fundamentals, including planning an audit, gathering evidence, determining findings, developing an auditor’s opinion of conformity, and compiling an audit report
Testimonials"I found the class to be extremely useful, drawing from [the instructor's] vast subject matter expertise…" - CBCP & CBCLA, USA
"DRI courses are well-structured to provide the requisite information at a pace that is appropriate for the learner. The instructor was very knowledgeable and provided 'real world' examples to ensure best understanding." - CBCP, MBCP, CBCLA, & CRMP, USA
Objective1. Understand the requirements for a business continuity management system (BCMS) as defined by ISO 22301.2. Understand fundamental auditing requirements from ISO and IIA.3. Define the role of an auditor to develop an audit plan.4. Identify the tasks to conduct an audit including reviewing documents, interviewing, and surveying facilities.5. Define reporting requirements including identifying findings, developing an auditor’s opinion on conformity to the audit standard, and preparing recommendation for continual improvement.
6. Take the DRI Audit Examination - ISO 22301
Outline- Introduction- Auditing basics- Understanding ISO 22301- Context of the organization- Leadership, planning, support, and operation- Risk assessment- Business impact analysis (BIA)- Continuity strategies and solutions- Business continuity plans- Education and training- Exercise program- Audit findings, recommendations, and auditor’s opinion- Exam preparation- DRI Audit Examination - ISO 22301For in-person courses:This course will be held in-person and the exam will be online, at leisure. A computer is required for this course in order for you to take the exam. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course.For courses held online:
All online courses are held via Zoom and a computer is required for this course. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course. You will also be provided with instructions for how to take the exam online, at leisure following the course.
Please fill the form below so we can contact you to discuss your training and certification requirements