BCM auditors have responsibility to evaluate and provide reasonable assurance that risk management, control, and governance systems are functioning as intended, and that the entire BCM program is built on right principles and is operational. For this purpose BCM auditors validate Governance in the organization, verify BIA, examine existing strategies and procedures built in BC plans in terms of their compliance with policies and standards of the company. They also  substantiate BC/DR and Crisis Management Plans against the industry standards, or check any other BCM components.

In their reporting of risk management issues, BCM auditors provide recommendations for improving the organisation's operations in terms of both efficient and effective performance.


The Cross-functional nature of BCM Audit requires ideally an entire team of professionals

Business Continuity Management is a complex field. It demands contribution of  experts from all functional areas: technology, human resources, finance, legal regulations, etc. The corresponding skills and knowledge from multiple disciplines, as well as skills in project management, analysis and technical writing, are required from an auditor to be able to assess, analyze and comment on various parts of Business Continuity planning.

When  the auditor works alone, even if he carries the audit project in a modular fashion and tries to involve professionals from different functional areas to assist him in the evaluation of each module, it is still challenging to build an internal team whose skills would be sufficient to conduct the audit at this high professional level.

In other words, the cross-functional nature of BCM actually raises a demand for an entire team of audit professionals, well-equipped with all necessary skills, adequate expertise and sufficient experience.

The BCM auditor must possess strong analytical skills and deep knowledge of the subject matter

About half of the time the auditor spends on interviewing and collecting data from various experts in the organization, and especially from BCM professionals. In order to speak the same language and accomplish tasks at hand, auditors need to possess knowledge of the Business Continuity lifecycle, strategies, methods of analysis and planning, as well as other BCM specifics.

Even when the auditor has clear instructions and standards to follow, it is not an easy job to interpret  the actual findings, "connect the dots", and produce an in-depth but concise report.  Solid analytical skills are a must for delivering an audit opinion in a structured manner. Without this prerequisite, auditors may run the risk of having their professional qualifications questioned by the organization under scrutiny. 

Receive Practical Help

CoDimensions offers practical help to BCM auditors by providing a team of professionals specializing in diverse areas, such as BCM subject matter, project management, business analysis, and technical writing. Our experts have an extensive experience in the fields of Risk Management, Business Continuity planning, Crisis Management, Disaster Recovery, and related disciplines (see Why CoDimensions? for more information).

To get acquainted with our BCM Audit services in more detail, please check our Solutions and contact us.