Course Overview

This two-day course develops the practical skills required to plan, conduct, and report internal audits of a BCMS against ISO 22301:2019. Participants apply ISO 19011:2018 audit technique to BIAs, recovery plans, exercises, and management review – with practical exercises drawn from real disruption scenarios.

Who Should Attend

• Internal auditors and risk team members
• BC/DR coordinators
• IT continuity professionals
• Compliance and audit committee members

What You Will Learn

• Plan and conduct internal BCMS audits in accordance with ISO 19011 principles
• Audit BIAs, recovery strategies, and test exercises
• Evaluate crisis communication and management review processes
• Identify, classify, and report nonconformities
• Document findings and verify corrective actions
• Apply the roles and responsibilities of an internal BCMS auditor

Course Content

• ISO 22301:2019 refresher and audit terminology
• BCMS audit programme and audit plan
• Auditing BIAs, risk assessments, and recovery strategies
• Auditing plans, tests, exercises, and crisis communication
• Audit reporting, nonconformity writing, and corrective actions
• Practical exercises with disruption case studies

Methodology

A blend of trainer-led sessions, group work, role-play audits, and case-based discussion. Participants conduct simulated audits drawn from financial-services, telecom, and healthcare scenarios.

Assessment

Continuous assessment through case studies and exercises, complemented by a written end-of-course assessment.

Certificate

Prerequisites