IT Governance, Risk, and Compliance

Dec 2 2011   8:53PM GMT

Auditing Business Continuity and Disaster Recovery – Part V

Robert Davis Robert Davis Profile: Robert Davis

The IT auditor’s primary purpose, when performing an audit of business continuity and/or disaster recovery, should be to identify, document, test, evaluate, and report the controls as well as the associated risks related to BCP and/or DRP processes from an IT perspective, as implemented by the entity, for achieving relevant control objectives — both primary and secondary.

The BCP assurance process can be an individual audit area examination or an auditable unit examination for every IT function audit undertaken. During the IT audit planning process, all or segments of an entity’s deployed BCP related frameworks may be selected as auditable units. Furthermore, BCP audits may cross divisional, functional, or departmental demarcations.

View Part I of the Auditing Business Continuity and Disaster Recovery series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: