Posted by: Robert Davis
BCP, Business Continuity, Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Crisis Management, Disaster Recovery, DRP, IT Audit
Primary drivers for organizational continuity assurance service planning are: verifying continuity plan existence and assessing continuity plan adequacy. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding should be obtained during engagement planning — to comply with ISACA’s assurance standards and guidelines as well as other applicable attestation, audit, accounting, and IT standards. Neglecting adherence to standardized professional practices can result in unsupportable audit opinions.
“View Part I of the Auditing Business Continuity and Disaster Recovery series here“