Internal auditing and business continuity planning are two key functions in the successful risk management program of an organization. This article outlines the current and historical relationships between the two functions, describes benefits of working together, and suggests opportunities for cooperation. Internal auditing is defined by the Institute of Internal Auditors as, “An independent, objective assurance, and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” Internal auditing is an important part of an organization’s governance structure. Management, at all levels, and the board of directors rely on internal auditing’s findings to improve the controls functioning over the organization’s IT systems and critical business functions. Business continuity planning provides essential controls that are critical for organizational survival and thus is important enough to be
Thursday, 22 November 2007 00:21
Audit's Role In The Continuity ProcessWritten by Terri A. Kirchner, MBCP, CCP & Douglas E. Ziegenfuss, PhD, CIA, CISA
Leave a comment
Make sure you enter the (*) required information where indicated. HTML code is not allowed.