AUDITING BUSINESS CONTINUITY: GLOBAL BEST PRACTICES

Size: px
Start display at page:

Download "AUDITING BUSINESS CONTINUITY: GLOBAL BEST PRACTICES"

Transcription

1 AUDITING BUSINESS CONTINUITY: GLOBAL BEST PRACTICES EXCERPT FROM THE FOREWORD There are numerous publications that provide a wealth of knowledge about what Business Continuity Management (BCM) is and how it should be done; few offer an explanation of how it can be assessed. Many concentrate on how to develop and maintain a BCM plan; few adopt an holistic approach to BCM and address the key issue of how to develop and maintain a BCM capability based on an understanding of the business and its markets. This work of Rolf von Roessing is grounded in sound experience and begins to fill the BCM plan/capability gap. It sets out the BCM audit process in a structured and user friendly way that should be basic reading for all BCM professionals and BCM auditors. A particular acknowledgement is the complexity of a BCM audit and the need for professional BCM expertise as a key element to successfully achieve audit objectives. The work not only provides a general outline of how to conduct different types of audits but also reinforces their application by providing practical examples and advice to illustrate the step-by-step methodology, including contracts, reports and techniques. The practical application of the methodology enables the professional auditor and BCM practitioner to identify and illustrate the use of good BCM practice whilst demonstrating added value and business resilience. Dr. David J. Smith MBA LL.B(Hons) Chairman of the Business Continuity Institute, Education Committee EXCERPT FROM THE PREFACE I was very happy to be asked to write a preface to this welcome addition to the growing library of Business Continuity learning. Why? As a practicing consultant and trainer of enterprise risk management and business continuity, it has long been a source of discomfort that so many business continuity plans simply pay lip service to real needs. Plans are often over simplistic, over-focused on particular possibilities, ill-considered and incomplete. They make implicit assumptions - about the availability of people, assets and access, for instance - without subjecting those assumptions to challenge.

2 Around 85% of Business Continuity Plans fail when first tested. Put simply, these plans show fundamental flaws that would have prevented recovery from taking place within the required timescale. Over 50% of Business Continuity Plans are never tested. This means that those flaws have not been exposed and the plans will almost certainly fail to deliver timely recovery. These stark figures demonstrate just how misplaced are the hopes of many managers when they rely on such fragile plans. No matter what forethought is given to business continuity management, the actual experience of a disaster bears little relation to the pre-considered events and to plans developed in the relative calm of normal circumstances. Too often business continuity arrangements are based on specific disaster scenarios and would not withstand scenarios that had not been considered. But disasters are not disciplined. Chaos follows no roadmap. The unthinkable does happen. It is therefore crucial to businesses that plans are subject to stringent review. That is why I welcome Rolf von Roessing's cogent contribution to this important area. Rolf provides a comprehensive, pragmatic and deeply practical step-bystep guide to Business Continuity audit. I commend it to all who are serious about the topic. Andrew Hiles FBCI, MBCS Director, Kingswell International Oxford, UK - EXCERPT FROM THE INTRODUCTION This book presents a general methodology and a framework for auditing Business Continuity Management (BCM). The main purpose is to provide a single work of reference for auditors, managers working in business continuity and consultants.

3 BCM is a complex field. It covers business issues and technology with a perspective on the entire enterprise. The business continuity manager, and the auditor, require a diversified set of skills and extensive knowledge to assess business continuity as a question of business survival. There has been a lot of confusion about the terms "business continuity," "disaster recovery," "IT security" and many other words attempting to describe the continuation of critical business processes under adverse circumstances. However, for the auditor these terms refer to one and the same notion: businesses should take adequate precautions to ensure that no going concern issues arise from crises or disasters. Some companies decide to take a cautious stance with regard to continuing their operations come what may: they prefer to "err on the safe side" and rely on preventative measures. Other firms, perhaps in an industry where "speed to market" and competitive pressure require a faster pace, may prefer to reduce investments on prevention, while putting in place a robust crisis and disaster management mechanism. Both types of corporations nevertheless pursue the overall goal of business continuity, by either avoiding risks or disasters (if they can), or by making sure they can deal with these events. In a sense, BCM means "reading the future" or trying to safeguard an organization against unforeseen events. Management is still forced to address precisely this issue, by carefully evaluating their options and then making an entrepreneurial decision about the acceptable level of remaining risk. To the auditor, it is important to understand how this decision has been reached and whether it can be justified from a financial, operational and managerial point of view. Neither the overly cautious nor the reckless manager will succeed in today's market - the BCM auditor should provide a sounding board and an objective business partnership to the management of the company being reviewed. BCM audit is therefore an important element of ensuring corporate survival. The audit result incorporates issues of compliance, highlights weaknesses and provides reasonable recommendations to management, whose experience may be enhanced and improved by the auditor's objective input from other corporations or industries. It is not to be confused with the much narrower field of IT audit. This book has been deliberately restricted to business continuity rather than IT continuity to highlight the all-important differences between the two.

4 The contents have been arranged around the Business Continuity Institute (BCI) / Disaster Recovery Institute International (DRII) Professional Practices for business continuity as well as other standards such as CobIT or ISO / IEC Some elements may look familiar to the experienced auditor who may still benefit from using this book as a reference manual or as an instructive tool for groups of auditors. This is intentional, as BCM and related audit questions should "fit in" with tools and models that are recognized and proven in the field. EXCERPT: HOW TO USE THIS BOOK This book is a toolset to assist you in planning, conducting and documenting a review of the business continuity management (BCM) process within a company or institution. It is structured in three main sections. The first part explains how to plan an audit from beginning to end. The second part contains a full audit program that you may use at varying levels of detail to support your audit strategy and plan. The third part contains samples of an audit report and selected work papers to help you put the plan and program into practice. If you are a financial auditor, or an internal auditor tasked with reviewing business continuity, this may be a new field to you. Likewise, if you are a business continuity manager who has been assigned the task of being an auditor, this is a new way of looking at BCM, rather than implementing it. Chapter 1 explains the concepts of BCM and audit seen together. It shows how to formulate the framework and scope of a BCM audit, how to define audit plans and how to write a clear and concise audit program that management and other stakeholders will understand and buy into. As an auditor, you are managing the practical phase of a BCM review. Chapter 2 explains how to schedule the review, how to estimate time and effort, and how to streamline the process of formal audit steps. Known difficulties and pitfalls, many of them unique to BCM, are explained in detail. Even if you are a seasoned audit professional, this chapter may help you in identifying typical problems associated with reviewing a complex process and interacting with a wide range of managerial and technical responders. As a business continuity manager, Chapter 2 may help you understand the challenges presented by reviewing the BCM concepts without actually managing them yourself. Chapter 3 outlines methods of analysis that you can use to arrive at a wellfounded audit opinion. As a financial or internal auditor, this chapter will allow you to evaluate your findings and to avoid time-consuming detail when reviewing the BCM process. As a business continuity manager, you will find Chapter 3 a useful tool for looking at any given part of a BCM process and for comparing findings against your own experience and best practices.

5 The success of your work as a BCM auditor depends on clear, concise audit reports that are easily understood by management. Chapter 4 explains how audit reports are structured, written and presented to your stakeholders. In this chapter, you will find samples and templates ranging from small, detailed reports to a large set of reports designed for an international BCM audit. Section 2 is a standardized audit program divided into work areas. You will find detailed audit questions covering all aspects of business continuity management. In the course of your BCM audit, you can use parts or the whole of the standardized questions for your audit plan and program. The standardized audit program is designed to give you additional information on risk ratings, recognized standards and additional materials that you may use to understand each item, as well as to communicate it to audit teams or the auditee organization. For each item within the standardized audit program, the legal, regulatory and technical background is explained in detail. Detailed audit steps have been included for each question to give you indications as to the time and effort required during the audit. Suggested standard wordings for findings and recommendations have also been included. Work area 11 contains detailed audit instructions for some national jurisdictions where different rules may apply. You can use these to guide your audit teams, and to find out what materials you may need to understand and evaluate when reviewing BCM abroad. The national parts of area 11 include the Central and Eastern European world to give you an overview of what to look for even if a foreign language is used. Work area 12 will support you when reviewing typical BCM software tools. You will find useful hints and technical references to give you quick access to typical problems and difficulties that may constitute important audit findings. Section 3 contains a sample audit report that is based on the examples used in Section 1. Selected work papers have been added to provide an indication as to the ways in which you might use the standardized audit program. Depending on your previous experience with audit and BCM, you can use this book as a reference work or as a step-by-step guide for hands-on project work. However, it is not a "one-size-fits-all" guide along the lines of "BCM-in-a-box for $ 9.99." Whether you are a novice auditor or a seasoned BCM professional, it is likely that you will use the book in different ways.

6 TABLE OF CONTENTS FOREWORD PREFACE INTRODUCTION HOW TO USE THIS BOOK SECTION I: AUDIT GUIDELINES FOR BUSINESS CONTINUITY MANAGEMENT 1 AUDIT FRAMEWORK, SCOPE AND PLANNING Introduction Audit Framework Audit Scope Audit Areas (Modules) and Planning Example of Audit Framework, Scope and Planning Statement Example of Individual Audit Program SUMMARY 2 CONDUCTING THE AUDIT Scheduling and Administration Example of Interview Schedule and Administration Interview Contents Example of Interview Guidelines Example of BCM Questionnaire Pitfalls and Known Difficulties SUMMARY 3 ANALYSIS Summarizing Interview Results Example of Interview Series Summaries Example of Gap Analysis Documentation66 Methods Analytical Example Applying the Standardized Program SUMMARY 4 REPORTING GUIDELINES Structuring Report Contents Example of Overall Report Structure Miscellaneous Reporting Issues Applying the Standardized Audit Program SUMMARY

7 SECTION II: STANDARDIZED AUDIT PROGRAM 1 PROJECT INITIATION AND MANAGEMENT 1.1 Scope, Objectives and Format 1.2 Organizational BCM Integration 1.3 Financial Planning and BCM Budget OVERVIEW CHAPTER 1 AUDIT ITEMS 2. RISK MANAGEMENT AND EVALUATION 2.1 Risk Identification, Loss Potentials, Vulnerabilities 2.2 Risk Analysis Methodologies and Tools 2.3 Risk Evaluation and Control OVERVIEW CHAPTER 2 AUDIT ITEMS 3 BUSINESS IMPACT ANALYSIS ACTIVITIES 3.1 A comprehensive business impact analysis has been performed. 3.2 A list of prioritized business processes exists. 3.3 All vendors, suppliers, and third-party companies that are relied upon have a business continuity plan. 3.4 An adequate level of business interruption insurance is established. 3.5 Business process interdependencies are defined. 3.6 Maximum tolerable downtimes (MTDs) are established on the basis of financial and operational impacts of a disruption to normal business operations. 3.7 Maximum times in alternative operations (MTAs) for all business processes are defined and documented. OVERVIEW CHAPTER 3 AUDIT ITEMS 4 EMERGENCY RESPONSE AND OPERATIONS 4.1 Command and Control 4.2 Response Steps OVERVIEW CHAPTER 4 AUDIT ITEMS 5 BCM STRATEGY 5.1 Strategy Requirements 5.2 BIA Alignment 5.3 Outsourcing / Insourcing Issues 5.4 Enterprise-wide Strategy OVERVIEW CHAPTER 5 AUDIT ITEMS

8 6 DETAILED BUSINESS CONTINUITY PLANNING 6.1 Plan Development Requirements 6.2 Recovery Management and Control Requirements 6.3 Format and Structure of Plan Components 6.4 Operational Planning 6.5 Detailed Implementation 6.6 Plan Distribution and Control OVERVIEW CHAPTER 6 AUDIT ITEMS 7 TRAINING AND AWARENESS 7.1 Business Continuity Awareness 7.2 BCM Training and Awareness OVERVIEW CHAPTER 7 AUDIT ITEMS 8 MAINTENANCE AND EXERCISE 8.1 Plan Testing 8.2 Plan Maintenance OVERVIEW CHAPTER 8 AUDIT ITEMS 9 PUBLIC RELATIONS AND COMMUNICATIONS 9.1 Public Relations 9.2 Crisis Communications OVERVIEW CHAPTER 9 AUDIT ITEMS 10 COORDINATION WITH PUBLIC AUTHORITIES Regulatory Framework 10.2 Coordination with Disaster Recovery and Business Continuity Agencies OVERVIEW CHAPTER 10 AUDIT ITEMS 11. COUNTRY-SPECIFIC ISSUES 11.1 Germany 11.2 Australia, New Zealand 11.3 Austria 11.4 Italy and Greece 11.5 United States and Canadian Standards on BCM and Risk Management OVERVIEW CHAPTER 11 AUDIT ITEMS 12. SOFTWARE-BASED PLANNING 12.1 General Status 12.2 Technical Status 12.3 Software Functionality OVERVIEW CHAPTER 12 AUDIT ITEMS

9 APPENDIX A: SAMPLE AUDIT REPORT (FORMATTED) APPENDIX B: SAMPLE WORK PAPERS (FORMATTED) Sample 1: Audit Item from Area 1 (Project Initiation and Management) Sample 2: Audit Item from Area 2 (Risk Evaluation and Control) Sample 3: Audit Item (complex) from Area 6 (Detailed Planning) Sample 4: Audit Item (complex) from Area 7 (Training and Awareness) BIBLIOGRAPHY ABOUT THE AUTHOR ABOUT THE PUBLISHER - ABOUT THE AUTHOR Rolf von Roessing is head of esecurity Services and head of BCM for Austria, Croatia, Slovakia, Slovenia for Ernst & Young Vienna. He has extensive experience in business continuity management, information security and traditional security. He has worked with Ernst & Young in several European and global offices, including specialist assignments such as Y2K subject matter expert and active participation in several global core teams for business continuity. His current position includes BCM and security-related responsibilities, and he heads these service lines for Austria and several other countries. Rolf is a board member of the Business Continuity Institute (BCI) and holds an MBCI certification. He is an active participant of the Institute's education committee, working towards integration of BCM best practices and tertiary education programs. These developments include the consolidation and publication of BCM knowledge, academic and research work. In Austria, Rolf has contributed to several standardization and codification initiatives, notably the ISO introduction as a common standard throughout the country. He frequently supervises security-related certification examinations and has presented various lectures and training courses on business continuity management in a European context. Rolf holds postgraduate degrees in Britain, France and Germany, as well as the CISA (Certified Information Systems Auditor) and CISSP (Certified Information Systems Security Professional) professional certifications. "Auditing Business Continuity: Global Best Practices" is his first major book, following a solid background of academic publications and professional papers.

Business Continuity. Building a Program Fit for Purpose

Business Continuity. Building a Program Fit for Purpose Business Continuity. Building a Program Fit for Purpose Tim Janes. Director Fulcrum Risk Services Tuesday 2 September. 11.30-12.45 T Janes. BC SLIDES. RIMS Risk Forum Aust 2014 v1.0 Building a BC Program

More information

Moving from BS to ISO The new international standard for business continuity management systems

Moving from BS to ISO The new international standard for business continuity management systems Transition Guide Moving from BS 25999-2 to ISO 22301 The new international standard for business continuity management systems Extract from The Route Map to Business Continuity Management: Meeting the

More information

BUSINESS CONTINUITY MANAGEMENT

BUSINESS CONTINUITY MANAGEMENT BUSINESS CONTINUITY MANAGEMENT RCG020-V1-01/2017 Page 1 2017 Royal & Sun Alliance Insurance plc Contents Introduction... 3 Business Continuity Management... 3 Getting started... 3 Business Impact Analysis...

More information

ISO whitepaper, January Inspiring Business Confidence.

ISO whitepaper, January Inspiring Business Confidence. Inspiring Business Confidence. ISO 31000 whitepaper, January 2015 Author: Graeme Parker enquiries@parkersolutionsgroup.co.uk www.parkersolutionsgroup.co.uk ISO 31000 is an International Standard for Risk

More information

Good Practice Guidelines 2013 Global Edition Edited Highlights

Good Practice Guidelines 2013 Global Edition Edited Highlights Good Practice Guidelines 2013 Global Edition Edited Highlights A Guide to Global Good Practice in Business Continuity Contents of Edited Highlights Good Practice Guidelines 2013 Global Edition Edited Highlights

More information

The Best Offense. Presented by: Kimberly Hirsch MBCP, MBCI, ISO22301 Lead Auditor Fusion Risk Management

The Best Offense. Presented by: Kimberly Hirsch MBCP, MBCI, ISO22301 Lead Auditor Fusion Risk Management The Best Offense Presented by: Kimberly Hirsch MBCP, MBCI, ISO22301 Lead Auditor Fusion Risk Management Agenda Welcome and Introduction Governance and Compliance Liability Issues BC Standards Requirements

More information

Introducing ISO 22301

Introducing ISO 22301 Introducing ISO 22301 1 2 Background How was the ISO22301 formed? Contributors 3 Context 4 Source documents included BS25999-2 NFPA 1600 ASIS OR standard Singapore standards ISO 27031 ISO Guide 73 ISOPAS22399

More information

Citizens Property Insurance Corporation Business Continuity Framework

Citizens Property Insurance Corporation Business Continuity Framework Citizens Property Insurance Corporation Framework Dated September 2015 Approvals: Risk Committee: September 17, 2015 (via email) Adopted by the Audit Committee: Page 1 of 12 Table of Contents 1 INTRODUCTION...

More information

ISO Business Continuity Management. Your implementation guide

ISO Business Continuity Management. Your implementation guide ISO 22301 Business Continuity Management Your implementation guide Build a robust and resilient organization with ISO 22301 It s never been more important to protect your business from the unexpected.

More information

The Sector Skills Council for the Financial Services Industry. National Occupational Standards. Risk Management for the Financial Sector

The Sector Skills Council for the Financial Services Industry. National Occupational Standards. Risk Management for the Financial Sector The Sector Skills Council for the Financial Services Industry National Occupational Standards Risk Management for the Financial Sector Final version approved April 2009 IMPORTANT NOTES These National Occupational

More information

Business Continuity Management PHILIPPINES :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA

Business Continuity Management PHILIPPINES :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA Business Continuity Management PHILIPPINES :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA Learning Bites Understand the context and relevance of BCM A Philippine & Telco Perspective Comprehend how

More information

Business Continuity Management Policy. Guidance

Business Continuity Management Policy. Guidance Management Guidance Document Type: Guidance Parent Policy: Management Policy Policy Owner: Chief Supt Department: Document Writer: Co-ordinator Effective Date: 12 th March 2015 Review Date: 12 th March

More information

BCP Methodology Benefits realisation

BCP Methodology Benefits realisation www.pwc.com.cy BCP Methodology Benefits realisation Risk Assurance Consulting (RAC) Risk Assurance Consulting (RAC) helps management to make well informed decisions. The insight and independent assurance

More information

Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali

Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali MANAGING OPERATIONAL RISK IN THE 21 ST CENTURY White Paper Series Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali 2 In today s competitive and

More information

US Business Continuity Safeguarding Your Business from a Disaster

US Business Continuity Safeguarding Your Business from a Disaster US Business Continuity Safeguarding Your Business from a Disaster Juanita Hardin BMO Harris Bank Head TPS Risk and Compliance William Simmons BMO Harris Bank Vice President Business Continuity Management

More information

Contents. viii. List of figures. List of tables. OGC s foreword. 6 Organizing for Service Transition 177. Chief Architect s foreword.

Contents. viii. List of figures. List of tables. OGC s foreword. 6 Organizing for Service Transition 177. Chief Architect s foreword. iii Contents List of figures List of tables OGC s foreword Chief Architect s foreword Preface Acknowledgements v vii viii 1 Introduction 1 ix xi xii 1.1 Overview 3 1.2 Context 3 1.3 Goal and scope of Transition

More information

ENTERPRISE RISK SERVICES Managing Risk, Driving Results

ENTERPRISE RISK SERVICES Managing Risk, Driving Results ENTERPRISE RISK SERVICES Managing Risk, Driving Results Risk Management Solutions At MNP, our Enterprise Risk Services team assists organizations as they navigate through uncertainty by helping them effectively

More information

Business Continuity & IT Disaster Recovery

Business Continuity & IT Disaster Recovery Business Continuity & IT Disaster Recovery DONALD L. SCHMIDT, ARM, CBCP, MCP, CBCLA, CEM PREPAREDNESS, LLC MARCH 30, 2017 www.preparednessllc.com What are Business Continuity & IT Disaster Recovery? BUSINESS

More information

DIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015

DIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015 DIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015 DIRECTOR TRAINING AND QUALIFICATIONS SAMPLE SELF-ASSESSMENT TOOL INTRODUCTION The purpose of this tool is to help determine

More information

H5PL 04 (SCDLMCS A1) Manage and Develop Yourself and Your Workforce Within Care Services

H5PL 04 (SCDLMCS A1) Manage and Develop Yourself and Your Workforce Within Care Services H5PL 04 (SCDLMCS A1) Manage and Develop Yourself and Your Workforce Within Care Services Overview This Unit is for leaders and managers of care services. It is about managing and developing yourself and

More information

Getting Started with Risk in ISO 9001:2015

Getting Started with Risk in ISO 9001:2015 Getting Started with Risk in ISO 9001:2015 Executive Summary The ISO 9001:2015 standard places a great deal of emphasis on using risk to drive processes and make decisions. The old mindset of using corrective

More information

ISACA. The recognized global leader in IT governance, control, security and assurance

ISACA. The recognized global leader in IT governance, control, security and assurance ISACA The recognized global leader in IT governance, control, security and assurance High-level session overview 1. CRISC background information 2. Part I The Big Picture CRISC Background information About

More information

Presentation on Crisis Management and Business Continuity. ISCA Breakfast Talk 13 September See Hong Pek, Partner, PwC

Presentation on Crisis Management and Business Continuity. ISCA Breakfast Talk 13 September See Hong Pek, Partner, PwC Presentation on Crisis Management and Business Continuity ISCA Breakfast Talk 13 September 2017 See Hong Pek, Partner, . Some definitions.. Business Continuity is the: Capacity of the organization to continue

More information

Business Continuity vs. Operational Risk Management vs. Business Resiliency. Karen Dye Oakley, CBCP, MBCI

Business Continuity vs. Operational Risk Management vs. Business Resiliency. Karen Dye Oakley, CBCP, MBCI Business Continuity vs. Operational Risk Management vs. Business Resiliency Karen Dye Oakley, CBCP, MBCI www.karendyeconsulting.com Background Most recently with Sun Microsystems, Inc. Director, Global

More information

A Risk Management Process for Information Security and Business Continuity

A Risk Management Process for Information Security and Business Continuity A Risk Management Process for Information Security and Business Continuity João Carlos Gonçalves Fialho Instituto Superior Técnico - Taguspark joaogfialho@gmail.com ABSTRACT It was from the DNS.PT internship

More information

Joint submission by Chartered Accountants Australia and New Zealand and The Association of Chartered Certified Accountants

Joint submission by Chartered Accountants Australia and New Zealand and The Association of Chartered Certified Accountants Joint submission by Chartered Accountants Australia and New Zealand and The Association of Chartered Certified Accountants [28 July 2017] TO: Professor Arnold Schilder The Chairman International Auditing

More information

Societal security Business continuity management systems Guidance

Societal security Business continuity management systems Guidance ISO 22313:2012 AS ISO 22313:2017 Societal security Business continuity management systems Guidance This Australian Standard was prepared by Committee MB-025, Security and Resilience. It was approved on

More information

Organisational Resilience and BCM

Organisational Resilience and BCM Organisational Resilience and BCM In recognising there is a link between organisational resilience and being competitive - How do you measure up? This paper is by Dr David J. Smith MBA LL.B(Hons) FIBCM

More information

A Guide to Business Continuity

A Guide to Business Continuity A Guide to Business Continuity Getting Started Business Continuity Management is a process driven from the top of the organisation. The first stage has to be an acceptance by the Board or the Executive

More information

Your unique family, our unique approach.

Your unique family, our unique approach. Your unique family, our unique approach. Because KPMG knows every family is different, we provide bespoke advice to establish and operate your family office and grow and preserve your legacy. KPMG Enterprise

More information

Ministerial Review - Better Responses to Natural Disasters and Other Emergencies in New Zealand. Submission by the Engineering Leadership Forum

Ministerial Review - Better Responses to Natural Disasters and Other Emergencies in New Zealand. Submission by the Engineering Leadership Forum Ministerial Review - Better Responses to Natural Disasters and Other Emergencies in New Zealand Introduction Submission by the Engineering Leadership Forum 7 July 2017 1. Thank you for the opportunity

More information

Guidelines for FIBAA Experts in Accreditation & Certification Procedures

Guidelines for FIBAA Experts in Accreditation & Certification Procedures Guidelines for FIBAA Experts in Accreditation & Certification Procedures Dear FIBAA Expert! We are very delighted to have you as a FIBAA Expert at our side! Accreditation and Certification procedures in

More information

Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)

Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM) The Intersection of Enterprise-wide Risk (ERM) and Business Continuity (BCM) Marc Dominus 2005 Protiviti Inc. EOE Agenda Terminology and Process Introductions ERM Process Overview BCM Process Overview

More information

Integrative Action for Resilience

Integrative Action for Resilience Integrative Action for Resilience Progress Through Community-Research Partnerships Informational Webinar March 19, 2018 Speakers Tracy Costigan, Ph.D. Senior Learning Officer Robert Wood Johnson Foundation

More information

When Recognition Matters TRAINING AND CERTIFICATION CATALOGUE

When Recognition Matters TRAINING AND CERTIFICATION CATALOGUE When Recognition Matters TRAINING AND CERTIFICATION CATALOGUE 2017 www.pecb.com Table of Contents THE IMPORTANCE OF PECB TRAINING COURSES IN YOUR EVERYDAY LIFE... 5 CHOOSE WHICH COURSE IS RIGHT FOR YOU...

More information

GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))

GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2)) GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2)) Operational Risk Management MARCH 2017 STATUS OF GUIDANCE The Isle of Man Financial Services Authority ( the Authority ) issues guidance for

More information

KEY. riskupdate PREDICTIONS FOR Risk Reward. Jan 2011

KEY. riskupdate PREDICTIONS FOR Risk Reward. Jan 2011 riskupdate Risk Reward Jan 2011 The quarterly independent risk review for banks and financial institutions worldwide 10 KEY PREDICTIONS FOR 2011 Also in this issue DO WE HAVE ANYTHING NEW SINCE 2008 TO

More information

Draft Sample ISO 9001:2015 Into the Future (KIS) October Annex SL (New ISO format for standards)

Draft Sample ISO 9001:2015 Into the Future (KIS) October Annex SL (New ISO format for standards) INDEX Page Section Description 1 Index 2 0.0 Introduction and Summary 9 1.0 KIS Step 1 11 2.0 KIS Step 2 17 3.0 Annex SL (New ISO format for standards) 21 4.0 ISO Standards, structure and awareness 27

More information

Clause-byclause. Interpretation. Transitioning to ISO 9001:2015

Clause-byclause. Interpretation. Transitioning to ISO 9001:2015 We re committed to helping you and your organization understand the updated requirements. This guidance document identifies the steps you should take to achieve compliance to ISO 9001:2015, and more importantly;

More information

Business Continuity Maturity Model Margaret D. Langsett Executive Vice President Virtual Corporation

Business Continuity Maturity Model Margaret D. Langsett Executive Vice President Virtual Corporation Business Continuity Maturity Model Margaret D. Langsett Executive Vice President Virtual Corporation 1 Agenda History and Overview of BCMM Proprietary BCMM BCMM Assessment Training Class BCMM International

More information

Head of Security and Business Continuity

Head of Security and Business Continuity Services Security and Business Continuity Ser-Sec-003 07/11/2017 Author Name Author Job Title Alan Cain Head of Security and Business Continuity Version No. 1.1 EIA Approval Date 28/06/2017 Committee Recommend

More information

On the Revision of the Standards and Practice Standards for. Management Assessment and Audit concerning Internal Control

On the Revision of the Standards and Practice Standards for. Management Assessment and Audit concerning Internal Control (Provisional translation) On the Revision of the Standards and Practice Standards for Management Assessment and Audit concerning Internal Control Over Financial Reporting (Council Opinions) Released on

More information

Conducting a Recruitment and Selection Process Sample Tools, Templates and Operating Guidelines

Conducting a Recruitment and Selection Process Sample Tools, Templates and Operating Guidelines Conducting a Recruitment and Selection Process Sample Tools, Templates and Operating Guidelines Prepared by: Carmen Drouin & Associates, January 2015 Prepared for: National Sport Federation Services Canadian

More information

Business Continuity Planning. LGMA Conference October 27, 2011 Presented by Lisa Benini

Business Continuity Planning. LGMA Conference October 27, 2011 Presented by Lisa Benini Business Continuity Planning LGMA Conference October 27, 2011 Presented by Lisa Benini What is it? Business Continuity Planning Definition: Process of developing and documenting advance arrangements and

More information

Catching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010

Catching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010 Catching Fraud During a Recession Through Superior Internal Controls FICPA s 25 th Annual Accounting Show J. Stephen Nouss September 29, 2010 1 Session Objectives Fraud Facts (2008 Association of Certified

More information

Business Continuity Management (BCM) Chicagoland Safety Conference October 24, 2013

Business Continuity Management (BCM) Chicagoland Safety Conference October 24, 2013 Business Continuity Management (BCM) Chicagoland Safety Conference October 24, 2013 Carey A. Loukides, CBCP, ARM, MBCI Senior Consultant, Global Risk Consulting Enterprise Risk Management, Business Continuity

More information

Management Update: A Business Continuity Management Program Is Critical

Management Update: A Business Continuity Management Program Is Critical IGG-07162003-03 R. Witty Article 16 July 2003 Management Update: A Business Continuity Management Program Is Critical Enterprises that do not have a business continuity management (BCM) program are on

More information

HOW TO WRITE A WINNING PROPOSAL

HOW TO WRITE A WINNING PROPOSAL HOW TO WRITE A WINNING PROPOSAL WHAT IS A PROPOSAL? A proposal is a picture of a project, it is NOT the project. In that sense, it is based on your project plan but may be quite different from the Project

More information

BUSINESS CONTINUITY AS A SERVICE

BUSINESS CONTINUITY AS A SERVICE BUSINESS CONTINUITY AS A SERVICE CONFIDENCE IN CONTINUITY From the launch of the UK s first managed online backup services over 15 years ago, to our leading Disaster Recovery as a Service (featured in

More information

Media Training Learning from the Professionals

Media Training Learning from the Professionals Media Training Learning from the Professionals » Communicating and presenting around the world after a media training course with DW-AKADEMIE you will impress with your presence. «Learning from the Professionals

More information

People Are the Key Strategic Resource

People Are the Key Strategic Resource People Are the Key Strategic Resource In today s intensely competitive and globalize marketplace, maintaining a competitive advantage by becoming a low cost leader or a differentiator puts a heavy premium

More information

ISO INTERNATIONAL STANDARD. Risk management Principles and guidelines. Management du risque Principes et lignes directrices

ISO INTERNATIONAL STANDARD. Risk management Principles and guidelines. Management du risque Principes et lignes directrices INTERNATIONAL STANDARD ISO 31000 First edition 2009-11-15 Risk management Principles and guidelines Management du risque Principes et lignes directrices http://mahdi.hashemitabar.com Reference number ISO

More information

Business Continuity Training and Testing: Narrowing the Gaps

Business Continuity Training and Testing: Narrowing the Gaps Business Continuity Training and Testing: Narrowing the Gaps Betty A. Kildow, CBCP, FBCI, Emergency Management Consultant Kildow Consulting 765/483-9365; BettyKildow@insightbb.com 92 nd Annual International

More information

GOOD PRACTICE GUIDELINES 2010

GOOD PRACTICE GUIDELINES 2010 GOOD PRACTICE GUIDELINES 2010 The Business Continuity Institute Global Edition A Management Guide to Implementing Global Good Practice in Business Continuity Management Contents Contents Acknowledgments...1

More information

IPSec Professional Risk Victorian Protective Data Security Standards Compliance Services Overview in Brief

IPSec Professional Risk Victorian Protective Data Security Standards Compliance Services Overview in Brief IPSec Professional Risk Victorian Protective Data Security Standards Compliance Services Overview in Brief Date: March 2017 Copyright & Confidentiality This document is copyright IPSec Pty Ltd (IPSec).

More information

Protecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protecting Information Assets

Protecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protecting Information Assets Protecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning MIS5206 Week 9 Case study discussion Business Continuity Planning (BCP) and Disaster Recovery (DR) Planning Test

More information

Proposed application material relating to professional scepticism and professional judgement

Proposed application material relating to professional scepticism and professional judgement Proposed application material relating to professional scepticism and professional judgement An exposure draft issued for public consultation by the International Ethics Standards Board for Accountants

More information

Diversified Services. Our Diversified Services include:

Diversified Services. Our Diversified Services include: Diversified Services GRC s innovative approach to risk management entails consistent development of new services to better serve our clients. By continuously striving to meet our clients' needs, GRC's

More information

Quality Management System Guidance. ISO 9001:2015 Clause-by-clause Interpretation

Quality Management System Guidance. ISO 9001:2015 Clause-by-clause Interpretation Quality Management System Guidance ISO 9001:2015 Clause-by-clause Interpretation Table of Contents 1 INTRODUCTION... 4 1.1 IMPLEMENTATION & DEVELOPMENT... 5 1.2 MANAGING THE CHANGE... 5 1.3 TOP MANAGEMENT

More information

Expert Report for Prof David Hall. Professional. Styles

Expert Report for Prof David Hall. Professional. Styles Expert Report for Prof David Hall Professional Styles Contents Introduction to Assessment Report... 3 Executive Summary Profile... 4 Psychometric Profile Overview... 5 Psychometric Profile - Thought Cluster...

More information

White Paper: ITSC Planning: Performing Business Impact Analysis

White Paper: ITSC Planning: Performing Business Impact Analysis White Paper: ITSC Planning: Performing Business As given by ITIL, IT strives to ensure that the required technical and services facilities can be recovered within required and agreed business timescales.

More information

TABLE OF CONTENTS WATER SERVICES ASSOCIATION OF AUSTRALIA PROCESS BENCHMARKING AUDIT PROTOCOLS COPYRIGHT:... 3

TABLE OF CONTENTS WATER SERVICES ASSOCIATION OF AUSTRALIA PROCESS BENCHMARKING AUDIT PROTOCOLS COPYRIGHT:... 3 WATER SERVICES ASSOCIATION OF AUSTRALIA AUDIT PROTOCOL FOR THE AQUAMARK ASSET MANAGEMENT PROCESS BENCHMARKING PROJECT DECEMBER 2007 TABLE OF CONTENTS COPYRIGHT:... 3 1.0 INTRODUCTION:... 4 1.1 OVERVIEW...

More information

Business Continuity Framework

Business Continuity Framework Business Continuity Framework A definition to the Components of Resiliency March, 1 Business Continuity Framework 1. INTRODUCTION... 3 2. PURPOSE... 3 3. THE FRAMEWORK... 4 4. STEERING COMMITTEE... 5 5.

More information

Annual Assessment of the External Auditor

Annual Assessment of the External Auditor Annual Assessment of the External Auditor TOOL FOR AUDIT COMMITTEES January 2014 ENHANCING AUDIT QUALITY AUDIT COMMITTEES iii Table of Contents Introduction 1 1. Determine the scope, timing and process

More information

Audit quality a director s guide

Audit quality a director s guide Audit quality a director s guide November 2017 This handbook offers guidance for directors and shareholders of New Zealand FMC reporting entities about how to improve audit quality Contents About this

More information

Social Media Manager Job Description: a Complete Guide

Social Media Manager Job Description: a Complete Guide - Social Media Manager Job Description: a Complete Guide Duties, responsibilities and qualifications required to succeed in today's digital marketing environment - Social Media Manager Job Description:

More information

Standard on Assurance Engagements ASAE 3500 Performance Engagements

Standard on Assurance Engagements ASAE 3500 Performance Engagements ASAE 3500 (July 2008) (Amended October 2008) Standard on Assurance Engagements ASAE 3500 Issued by the Auditing and Assurance Standards Board Obtaining a Copy of this Standard on Assurance Engagements

More information

Benefits Advisor Centre Based

Benefits Advisor Centre Based Maggie Keswick Jencks Cancer Caring Centres Trust Job Description 1. JOB TITLE: Benefits Advisor Maggie s REPORTS TO: Centre Head PROFESSIONAL SUPERVISION Staff Support Groups Maggie s policies and procedures

More information

Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS.

Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS. Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS www.fic.gov.bc.ca INTRODUCTION The Financial Institutions Commission 1 (FICOM) holds the Board of Directors 2 (board) accountable for the stewardship

More information

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning 4 Business Continuity Planning and Disaster Recovery Planning Learning Objectives To understand the concept of Business Continuity Management; To understand the key phases and components of a Business

More information

Audit and Advisory Services Integrity, Innovation and Quality

Audit and Advisory Services Integrity, Innovation and Quality Audit and Advisory Services Integrity, Innovation and Quality Follow-up Progress Assessment of the Audit of IM/IT Project Life Cycle Controls 1577-13/14-101 Table of Contents EXECUTIVE SUMMARY 1 1. Introduction

More information

SAP at Accenture. The Journey of Running Accenture on a Single Global Instance

SAP at Accenture. The Journey of Running Accenture on a Single Global Instance SAP at Accenture The Journey of Running Accenture on a Single Global Instance 2 Transitioning from a private partnership to a global public company gave Accenture the opportunity to create an ERP strategy

More information

A Quality Assurance Framework for SE Region LSCBs

A Quality Assurance Framework for SE Region LSCBs A Quality Assurance Framework for SE Region LSCBs Contents Final July 2013 Janet Galley Independent Consultant Introduction 2 Components of Framework: Section A: Building Blocks 5 Section B: Quantitative

More information

Evaluating Internal Controls

Evaluating Internal Controls A SSURANCE AND A DVISORY BUSINESS S ERVICES Fourth in the Series!@# Evaluating Internal Controls Evaluating Overall Effectiveness, Identifying Matters for Improvement, and Ongoing Assessment of Controls

More information

Incident Management Systems:

Incident Management Systems: Emergency Notification Incident Management Incident Management Systems: A Business Continuity Program Game-Changer Table of Contents Introduction Poised for Mainstream Adoption Marketplace Confusion Standardization

More information

Tech deficit. June 2014

Tech deficit. June 2014 Tech deficit June 2014 Executive Summary Breaking into new markets, meeting customer requirements and increasing profitability are key objectives for all companies. Efficient and adaptable technology is

More information

A COMPARATIVE STUDY ABOUT INTERNAL AUDITING APPROACH BETWEEN GERMANY AND CHINA

A COMPARATIVE STUDY ABOUT INTERNAL AUDITING APPROACH BETWEEN GERMANY AND CHINA A COMPARATIVE STUDY ABOUT INTERNAL AUDITING APPROACH BETWEEN GERMANY AND CHINA Yuedong Li Southwestern University of Finance & Economics College of Accountancy Chengdu City, Sichuan Province, China Paper

More information

Sarbanes-Oxley and the New Internal Auditing Rules

Sarbanes-Oxley and the New Internal Auditing Rules Sarbanes-Oxley and the New Internal Auditing Rules ROBERT R. MOELLER John Wiley & Sons, Inc. Sarbanes-Oxley and the New Internal Auditing Rules Sarbanes-Oxley and the New Internal Auditing Rules ROBERT

More information

REVISED CORPORATE GOVERNANCE PRINCIPLES FOR BANKS (CONSULTATION PAPER) ISSUED BY THE BASEL COMMITTEE ON BANKING SUPERVISION

REVISED CORPORATE GOVERNANCE PRINCIPLES FOR BANKS (CONSULTATION PAPER) ISSUED BY THE BASEL COMMITTEE ON BANKING SUPERVISION January 9, 2015 Secretariat of the Basel Committee on Banking Supervision Bank for International Settlements CH-4002 Basel, Switzerland Submitted via http://www.bis.org/bcbs/commentupload.htm REVISED CORPORATE

More information

HSE Integrated Risk Management Policy. Part 1. Managing Risk in Everyday Practice Guidance for Managers

HSE Integrated Risk Management Policy. Part 1. Managing Risk in Everyday Practice Guidance for Managers HSE Integrated Risk Management Policy Part 1 Managing Risk in Everyday Practice Guidance for Managers HSE Integrated Risk Management Policy Part 1 Managing Risk in Everyday Practice Guidance for Managers

More information

Questions a Board may ask to understand how an organisation controls its risks

Questions a Board may ask to understand how an organisation controls its risks Questions a Board may ask to understand how an organisation controls its risks Styrets spørsmål til administrasjon Questions a Board may ask to understand how an organisation controls its risks RESPONSIBILITY

More information

INTERNATIONAL STANDARD

INTERNATIONAL STANDARD INTERNATIONAL STANDARD ISO 22301 First edition 2012-05-15 Corrected version 2012-06-15 Societal security Business continuity management systems Requirements Sécurité sociétale Gestion de la continuité

More information

Stocktake of IT risk supervision practices

Stocktake of IT risk supervision practices Stocktake of IT risk supervision practices IT supervision outside European banking supervision 1 Introduction Between December 2015 and July 2016 the ECB organised working visits with the prudential banking

More information

An Overview of the 2013 COSO Framework. August 2013

An Overview of the 2013 COSO Framework. August 2013 An Overview of the 2013 COSO Framework August 2013 Introduction Dean Geesler, KPMG Senior Manager Course Objectives Summarize the key changes from the 1992 Framework to the 2013 Framework including the

More information

B2B Integration Managed Services Provider Profiles: Axway

B2B Integration Managed Services Provider Profiles: Axway B2B Integration Managed Services Provider Profiles: Axway Publication Date: 03 May 2017 Product code: IT0022-000957 Saurabh Sharma Summary Catalyst This report provides an overview of Axway's business-to-business

More information

Business Continuity Institute Responding To The Resilience Challenge

Business Continuity Institute Responding To The Resilience Challenge Business Continuity Institute Responding To The Resilience Challenge BCI 20/20 UK Group white paper Introduction Responding to the resilience challenge Recent events continue to demonstrate the increasing

More information

Financial Industry Summit on Business Continuity Federal Reserve Bank of New York February 26, Meeting Summary

Financial Industry Summit on Business Continuity Federal Reserve Bank of New York February 26, Meeting Summary Financial Industry Summit on Business Continuity Federal Reserve Bank of New York February 26, 2002 Meeting Summary 1. Welcoming Remarks and Summit Focus The Financial Industry Summit on Business Continuity

More information

Job Description. Background. Date: April No. of reports: Nil. Delegated Financial Authority: (If applicable)

Job Description. Background. Date: April No. of reports: Nil. Delegated Financial Authority: (If applicable) Job Description Job Title: Management Accountant Date: April 2018 Responsible to: Location: Job Status: No. of reports: Delegated Financial Authority: (If applicable) Finance and Facilities Manager Wellington

More information

IAASB Main Agenda (December 2009) Agenda Item. Engagements to Compile Financial Information Issues and IAASB Task Force Proposals I.

IAASB Main Agenda (December 2009) Agenda Item. Engagements to Compile Financial Information Issues and IAASB Task Force Proposals I. Agenda Item 3-A Engagements to Compile Financial Information Issues and IAASB Task Force Proposals I. Objective 1. The objective of this Paper is to consider significant issues to be addressed in the revision

More information

On the Path to ISO Accreditation

On the Path to ISO Accreditation On the Path to ISO 17025 Accreditation What We Wish We d Known Before We Started And Some Definitions: Language of ISO 17025 Version: 2013-08-29 1 Susan Humphries, QA Officer Bureau of Food Laboratories,

More information

Trust Your Suppliers, Manage Your Risk The Importance of Third-Party Supplier Visibility About Perfect Commerce

Trust Your Suppliers, Manage Your Risk The Importance of Third-Party Supplier Visibility About Perfect Commerce Trust Your Suppliers, Manage Your Risk The Importance of Third-Party Supplier Visibility About Perfect Commerce Since 1994, Perfect Commerce has been automating spend management initiatives offering world-class

More information

Business Continuity: Can Orange County Stay Open for Business After a Disaster?

Business Continuity: Can Orange County Stay Open for Business After a Disaster? Business Continuity: Can Orange County Stay Open for Business After a Disaster? 1. Summary Orange County government agencies have comprehensive and tested plans for responding to emergencies and for providing

More information

Charta Porta Service Offerings for MPS

Charta Porta Service Offerings for MPS Charta Porta Service Offerings for MPS November 2017 Paul Martin Consultant Charta Porta Ltd paul@chartaporta.com 07496 862279 Confidentiality Notice Charta Porta rights of intellectual property are applicable

More information

THE COMPLETE GUIDE TO FDA-REGULATED SUPPLIER QUALIFICATION & QUALITY MANAGEMENT

THE COMPLETE GUIDE TO FDA-REGULATED SUPPLIER QUALIFICATION & QUALITY MANAGEMENT THE COMPLETE GUIDE TO FDA-REGULATED SUPPLIER QUALIFICATION & QUALITY MANAGEMENT A risk-based approach to qualifying, managing and auditing third party providers TABLE OF CONTENTS 1 Outsourcing under greater

More information

If It s not a Business Initiative, It s not COBIT 5

If It s not a Business Initiative, It s not COBIT 5 If It s not a Business Initiative, It s not COBIT 5 Steve Romero CISSP PMP CPM Romero Consulting Core Competencies C22 CRISC CGEIT CISM CISA 1 9/13/2013 1 COBIT Page 11 COBIT 5 product family 2 COBIT Page

More information

A Risk Practitioners Guide to ISO 31000: 2018

A Risk Practitioners Guide to ISO 31000: 2018 A Risk Practitioners Guide to ISO 31000: 2018 Review of the 2018 version of the ISO 31000 risk management guidelines and commentary on the use of this standard by risk professionals 1 A Risk Practitioners

More information

Session 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA

Session 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA Session 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA Presenters: James Russell Collingwood, ASA, MAAA David Paul, FCAS, MAAA Chad R. Runchey,

More information

Pass4sure.ITIL-F.347.QA

Pass4sure.ITIL-F.347.QA Pass4sure.ITIL-F.347.QA Number: ITIL-F Passing Score: 800 Time Limit: 120 min File Version: 19.1 http://www.gratisexam.com/ ITIL-F.EN.dat ITIL Foundation Enjoy the real success with nicely written Questions

More information

UNISDR Science and Technology Conference on the implementation of the Sendai Framework for Disaster Risk Reduction

UNISDR Science and Technology Conference on the implementation of the Sendai Framework for Disaster Risk Reduction UNISDR Science and Technology Conference on the implementation of the Sendai Framework for Disaster Risk Reduction 2015-2030 Launching UNISDR Science and Technology Partnership and the Science and Technology

More information

The Institute of Corporate Directors Comment Letter to Auditing and Assurance Standards Board on Changes to the Audit Report

The Institute of Corporate Directors Comment Letter to Auditing and Assurance Standards Board on Changes to the Audit Report February 5, 2016 The Institute of Corporate Directors Comment Letter to Auditing and Assurance Standards Board on Changes to the Audit Report Introduction In overseeing the financial reporting process,

More information