This tool contains four sample work programs that provide general steps organizations can use for performing a disaster recovery process audit.
The objectives of this type of audit include: determine if an appropriate enterprisewide governance structure is in place to manage the ongoing development, enhancement and maintenance of the company’s disaster recovery program; determine if baseline, foundational program components (e.g., business impact analysis) were appropriately considered with developing relevant strategies and plans; and determine if in-scope, tier-one systems have appropriate IT recovery strategies and plans in place, which are aligned with business requirements.
Risk & Control Matrices - RCMs
Business Continuity Management RCM
Policies & Procedures