Organisation Name: Chatterbox Ltd Standard Being Audited: ISO 22301:2012

Transcription

1 Ed: 1.0 Rev: Jan17 Audit Report ISO 22301:2012 Business Continuity IQS Audits Ltd Auditor: Les Jones Client: Chatterbox Ref: UKE Date: Page 1 of 8 Organisation Name: Chatterbox Ltd Standard Being Audited: ISO 22301:2012 Address: 1 Guards Avenue, The Village, Caterham-on-the-Hill, Surrey CR3 5XL Other Addresses: None Contact Name: Alan Rogers Contact Position: Compliance Manager Tel: +44 (0) Current Cert Exp: 26 th April arogers@chatterboxradio.com Web: Scope of Organisation Cert: Sales, Hire, Repair and Maintenance of Two Way Radio Devices & Systems and Alarm Monitoring. The Secure Storage of Data Received as and Where Necessary. Scope Of Audit: Stage One: X Stage Two: X Surveillance: Re Certification: X Organisation Reg: Certification Reg: UKE Exclusions: Audit Boundary: (Locations audited) Previous Issues: Confirm Closeout: Offices, workshop & inspection areas N/A N/A Other Standards Held: Manufacturing Service Industry Number Of Staff: X Full Time: 12 Part Time: , Number of Addresses Covered : By This Certification: Non Conformances: Critical: 0 Minor: 0 Observations: 01 See below and in the content of this report for details Auditor Comments: (Overview Of Findings) There Were 01 Observations Found At This Audit: Section 10, of This Report There Were 0 Minor Non-Conformances Found At This Audit: Sections 00, of This Report There Were 0 Critical Non-Conformances Found At This Audit: Sections 00, of This Report It Is Therefore Recommended By The Auditor That Certification Is Continued Conformance:

2 Ed: 1.0 Rev: Jan17 Audit Report ISO 22301:2012 Business Continuity IQS Audits Ltd Auditor: Les Jones Client: Chatterbox Ref: UKE Date: Page 2 of 8 AUDIT COMPLIANCE The auditor/s confirm that there is no known conflict of interest with the organisation being audited. The organisation confirms that it will not conceal any evidence that might influence the results of this audit. Print Name Position For Audit Team Les Jones Lead Auditor For Organisation Alan Rogers Director PRESENT Name Position Opening Meeting Closing Meeting 1 Gary Leatherby Director 2 Alan Rogers Standards Representative 3 X X 4 X X 5 X X 6 X X 7 X X 8 X X The audit team must be free to speak to any relevant member of staff that they feel may assist their findings. Conformance:

3 Ed: 1.0 Rev: Jan17 Audit Report ISO 22301:2012 Business Continuity IQS Audits Ltd Auditor: Les Jones Client: Chatterbox Ref: UKE Date: Page 3 of 8 # Standard Section Conf Remarks/Evidence(non-conformances & observations in Red type) 01 Context of the Organisation The context of the organisation enables the ability of the company to supply a fit for purpose product and service. 02 Needs and Expectations of Interested Parties The needs and expectations of each customer are taken in to account when the company determins its ability to supply a fit for purpose service. 03 Legal and Regulatory Requirements Documented procedure held in the Standard Operating procedures manual (SOP) 04 Scope of the BCMS The scope of the standard is shown in the BCMS manual, and was updated in Leadership and Commitment The orgnaisation chart shows the leadership structure, the policy shows commitment 06 Management Commitment The management shows a strong commitment to all standards in place 07 BCMS Policy The Policy is on display and available to all staff. 08 Roles, Responsibility and Authority Roles and responsibilities are shown in the BCMS manual in the organisation chart 09 Risks and Opportunities Risks have been determined as have opportunities for improvement when producing the Business Continuity plan Conformance:

4 Ed: 1.0 Rev: Jan17 Audit Report ISO 22301:2012 Business Continuity IQS Audits Ltd Auditor: Les Jones Client: Chatterbox Ref: UKE Date: Page 4 of 8 # Standard Section Conf Remarks/Evidence(non-conformances & observations in Red type) 10 BCMS Objectives and Plans O Objectives have been determined and the plans created to ensure business continuity is in place to the best of the company s abilitiies. is in place A BCMS objective to be added 11 Provision Of BCMS Resources Staff, product and management resources are available to ensure the plan will work when called upon. Tests are carried out fro time to time to ensure improvement. 12 Competence, Awareness & Training Training is carried out to ensure all staff are aware of their function in the event of a failure, with elements of the plan tested for refinement. is in place 13 Communication Internal/External Communication is in place both internal and external as well as backup systems where possible. 14 Documents and Control s is in place in line with the requirements of ISO Records and Data Control s is in place in line with the requirements of ISO Operational Planning and Control Carried out by senior management and advised to all staff. 17 Business Impact Analysis A business impact analysis is in place and reviewed annually 18 Risk Asessment Risk assessments are in place, method statements are in place for various elements of the business Conformance:

5 Ed: 1.0 Rev: Jan17 Audit Report ISO 22301:2012 Business Continuity IQS Audits Ltd Auditor: Les Jones Client: Chatterbox Ref: UKE Date: Page 5 of 8 # Standard Section Conf Remarks/Evidence(non-conformances & observations in Red type) 19 Determination of Continuity Strategy Strategy is laid down in the business continuity plan for the most likely eventualities 20 Resource Requirements The resources are in place, both on and off premises to deal with events in a timely manner 21 Protection and Mitigation Protection and mitigation plans are in place where required, and updated annually 22 Business Continuity s There are sufficient procedures in place to ensure plans run as well as can be determined in the event of failure. 23 Incident Response Structure The business continuity plans are in place, and will be practiced from time to time. 24 Warning and Communication Communication is considered to be a vital part of the company s ongoing strategy for success, and so is treated very seriously. 25 Continuity Plans 26 Recovery 27 Exercising and Testing The period before continuity can be restored depends on the stock and requests made, but is monitored and updated after testing. The recovery period is depending on the limitation of damage control, but is generalised to the best of the management s ability. Testing of the BC Plan is carried out annually on a partial basis. Gary home working test completed successfully. Conformance:

6 Ed: 1.0 Rev: Jan17 Audit Report ISO 22301:2012 Business Continuity IQS Audits Ltd Auditor: Les Jones Client: Chatterbox Ref: UKE Date: Page 6 of 8 # Standard Section Conf Remarks/Evidence(non-conformances & observations in Red type) 28 Monitoring, Measurement, Analysis and Evaluation is in place in line with the requirements of ISO Internal Audit is in place in line with the requirements of ISO Evaluation of Business Continuity s A review of procedures is carried out annually to ensure they remain effective. 31` Management Review Management review meetings are carried out 4 x annually and minuted in a compliant way. Latest reviewed April Nonconformity, Corrective Action and Improvement is in place in line with the requirements of ISO Conformance:

7 Ed: 1.0 Rev: Jan17 Audit Report ISO 22301:2012 Business Continuity IQS Audits Ltd Auditor: Les Jones Client: Chatterbox Ref: UKE Date: Page 7 of 8 Audit Notes: N1 N2 N3 N4 N5 N6 N7 N8 N9 N10 END Conformance:

8 Ed: 1.0 Rev: Jan17 Audit Report ISO 22301:2012 Business Continuity IQS Audits Ltd Auditor: Les Jones Client: Chatterbox Ref: UKE Date: Page 8 of 8 Non Conformance Report (One Form per N/C) Organisation Name: Address: NOT USED AT THIS REPORT N/C Number: Issued By: Date Of Issue: Received By: Contact Name: Contact Position: Tel: Nature Of Non Conformance: To Be Closed- Out By Date: Non Conformance: Standard: 22301:2012 Section: Critical: X Minor: X Other: X Closed-Out By: Position: Date: Name Corrective & Preventive Actions Proposed/Taken: FOR IQS USE ONL Signed Off By: Position: Date: Conformance: