Service Description
The
audit can be the initial step in any contract to perform continuity or
contingency planning work. It's intended as a quick, high-level review to
identify any major enterprise continuity or contingency planning gaps or obvious
business practice vulnerabilities. Depending on the size of the
organization and the scope of the audit, the audit can be accomplished in 1-4
weeks with just 1-3 people.
As a possible precursor
to our more detailed business impact analysis or risk assessment, our audits are designed
for those who need some results immediately or are uncertain if a more thorough
analysis is necessary. For clients convinced that a full-blown risk
assessment is required, they may prefer to skip the audit and proceed directly
to the assessment as the starting point.
Audits may also be
employed as part of our Support services to
review past assessments and plans we may have created for you and update them.
|
|
Key Benefits
 | You find out where
your key continuity or contingency planning vulnerabilities lie and their
overall impact. |
|
Gain
a timely understanding of what further work is needed to address any planning
or practice gaps, and, what that work might consist of, how much it might
cost, and how long such work might take. |
|
Minimal investment in both time and dollars.
|
|
|
Capabilities
CPOCS can perform any or all of the following Audit
services:
Review
Plans and High Risk Areas
| Review existing
continuity or contingency plans and associated documentation against
organizational standards. |
|
Cross-reference existing plans to assure coordination points are clear and
properly integrated. |
|
Evaluate risks to stakeholders. |
|
Compare plans and practices to regulatory and industry standards. |
|
Identify critical, planning and practice, risk areas
|
|
|
Analyze Plans and High Risk Areas
| Identify risks and vulnerabilities not addressed. |
|
Prioritize these risks based on their probabilities and estimated impacts. |
|
Identify voids in plans. |
|
Identify where improvements and
changes must be made.
|
|
|
Recommend Action Plan
| Recommend responses to
critical planning and practice gaps. |
|
Identify deviations from
organization's standards that need to be corrected. |
|
Delineate deviations from industry
or regulatory standards. |
|
If necessary, recommend a game plan for completing a more in-depth
assessment and a continuity or
contingency plan as separate service offerings.
The game plan would be presented as a statement of work (SOW). |
|
Provide an estimate of the time and cost required to complete the work
outlined in any SOW.
|
|
|
| |
|
|
|
|
