Track: Continuity Audit
Course Title: Auditing a Business Continuity Program: ISO 22301
Course ID: BCLE AUD (ISO 22301)
Relevant Certifications (requires additional step): CBCA, CBCLA
Duration: 4.5 Days (4 full days of instruction 8:30 a.m. – 5:00 p.m.; Examination day 8:30 a.m. – 12:00 p.m. or at leisure)
Examination: DRI Audit Examination - ISO 22301 (2.5 hours)
32 Continuing Education Activity Points (CEAPs) may be awarded towards recertification if applicable.
The cost of this course includes both the course and the exam.
BCMS Auditor/Lead Auditor (ISO22301) provides the training, tools, and hands-on experience needed to audit business continuity, disaster, and emergency management programs.
Featuring a case-study-based, hands-on format, you will learn by doing in this unique and highly effective course. Whether you're a business continuity professional, an internal or external auditor, or a consultant who assesses continuity and emergency management programs for clients, DRI’s audit course provides the training, tools, and hands-on experience needed to audit business continuity, disaster, and emergency management programs.
Using multiple methods of instruction, DRI’s Auditor course for standard ISO 22301 gives students the training, tools, and hands-on experience needed to master auditing of emergency management and business continuity plans. Group exercises will help you develop your skills as you audit a hypothetical company’s program using the standard, audit guide, and presentation content in the course. You'll also learn how to develop your audit opinion, develop your report, and present your findings to management.
In addition to the body of knowledge defined by ISO22301, this course also includes two modules on auditing. The first module identifies auditing standards and guidance in addition to defining the phases of engagement, engagement planning, performance of the audit, and communicating results. The second module covers reporting findings and recommendations.
The course materials include a comprehensive audit guide for you to take back to your workplace and use when preparing for and conducting an audit and when reporting audit findings. The audit guide identifies who should be interviewed, documents that should be reviewed, as well as surveys that should be conducted to gather evidence of conformity to the standard. Audit questions are designed to guide the you in determining whether the information you gathered conforms to the standard.
- The management systems approach to identifying and managing business continuity risks
- The requirements of ISO 22301
- How to plan, complete and report the audit of an entire BCMS
1. Describe the purpose of a business continuity management system (BCMS), of BCMS standards, of management system audit and of third-party certification
2. Explain the role of an auditor to plan, conduct, report and follow up a BCMS audit consistent with ISO 19011 and ISO 17021 where appropriate
3. Plan, conduct, report and follow up an audit of a BCMS to establish conformity with ISO 22301 and consistent with ISO 19011
4. Take the DRI Audit Examination - ISO 22301
- Auditing basics
- Understanding ISO22301
- Implementing and operating the BCMS
- Business impact analysis (BIA)
- Risk assessment
- Determining choices
- Determining strategy
- Developing and implementing a BCMS response
- Exercising, maintaining and reviewing BCMS arrangements
- Monitoring and reviewing BCMS
- Maintaining and improving BCMS
- Reporting audit findings and recommendations
- Auditing the BCMS
- BCMS metrics
- Exam review
- DRI Audit Examination - ISO 22301
For in-person courses:
This course will be held in-person and the exam will be held on the morning of the final day. As soon as you are finished taking the exam, you will be able to leave for the day. A computer is required for this course in order for you to take the exam. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course.
For courses held online:
All online courses are held via Zoom and a computer is required for this course. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course. You will also be provided with instructions for how to take the exam online following the course.
For international courses:
This course is being hosted by a DRI International partner. To register, you will be asked to provide your contact information and we will put you in touch with the local team for details.
For courses held pre-conference:
This course is being held in-person prior to the DRI Annual Conference at or near the conference venue. You can then attend the conference immediately following your course with an additional registration (separate fee applies).