Business Continuity and IT Availability – Part VII
Through establishment and deployment of an emergency management program, top-level personnel can send a clear message to everyone in the entity that business continuity and disaster recovery control...
View ArticleBusiness Continuity and IT Availability – Part VIII
Directly, an entity’s DRP has a significant affect on the viability of IT and information security governance programs. Indirectly, IT and information security governance programs may impact...
View ArticleAuditing Business Continuity and Disaster Recovery – Part I
After a catastrophic incident or event; losing the capability to process, retrieve, and protect information maintained electronically can significantly affect an entity’s ability to accomplish its...
View ArticleAuditing Business Continuity and Disaster Recovery – Part II
For most professionals, business continuity planning refers to the process for developing advance arrangements and procedures enabling an entity to respond to service interruptions in such a manner...
View ArticleAuditing Business Continuity and Disaster Recovery – Part III
As with a business continuity plan (BCP); a disaster recovery plan (DRP) contains the consistent actions to be undertaken prior to, during and after a disaster. A sound DRP is built from a...
View ArticleAuditing Business Continuity and Disaster Recovery – Part IV
Although often referred to as disaster recovery plans, controls to ensure service continuity should address the entire range of potential disruptions. These may include relatively minor interruptions,...
View ArticleAuditing Business Continuity and Disaster Recovery – Part V
The IT auditor’s primary purpose, when performing an audit of business continuity and/or disaster recovery, should be to identify, document, test, evaluate, and report the controls as well as the...
View ArticleAuditing Business Continuity and Disaster Recovery – Part VI
BCP audits normally have an organizational focus. ‘Organizational-based’ BCP audits examine deployed frameworks, managerial issues, and departmental activities. However, if during...
View ArticleAuditing Business Continuity and Disaster Recovery – Part VII
Primary drivers for organizational continuity assurance service planning are: verifying continuity plan existence and assessing continuity plan adequacy. However, as with standard IT audits, a general...
View ArticleAuditing Business Continuity and Disaster Recovery – Part VIII
An IT auditor should perform a preliminary control environment (CE) assessment corresponding to the audit area being examined to enable reasonable assurance that all significant items will be...
View Article
