Business Continuity & The Internal Auditor

Avalution Team Avalution Team | Aug 17, 2009

internal auditorOn Wednesday August 26th, Avalution held a one-hour webinar for internal audit professionals to discuss their role in a business continuity program and how to serve successfully in this capability.

During the webinar, our team introduced internal audit professionals to accepted business continuity practices, as well as emerging (and successful) trends that are occurring in today’s business environment. We also discussed common criticisms that can interfere with internal audit’s participation in business continuity planning and how to overcome each of these barriers. Lastly, we shared our guidance on effective and value-added business continuity audit approaches.

Why You Should View This Webinar
Internal audit can play a key role in any business continuity program, which may include serving as an independent observer or formally meeting oversight requirements based a business continuity standard. In order to successfully fulfill this role, internal audit must have a working knowledge of business continuity-related processes and practices.

Internal audit can help organizations overcome many of the most common characteristics associated with a failing planning effort:

  • Inappropriate or inaccurate scope
  • A lack of management involvement
  • A haphazard set of activities, instead of a strategically-aligned program of cyclical and integrated processes

New and emerging business continuity standards recognize this value and require internal audit participation to help ensure management stays informed regarding program performance and organizational readiness. Internal auditors can provide the independent oversight that may be needed to ensure:

  • Program objectives are aligned with the organization’s goals
  • Planning activities are designed to deliver on management’s expectations
  • Recurring activities are consistently implemented

Because internal auditors possess a unique knowledge of the entire organization, they may also be better-placed to assist with the identification of business continuity risks that are poorly mitigated or completely untreated.

Internal audit can be equally valuable even if a business continuity program does not exist. Internal audit is well-placed to advocate to management that the board and other members of the executive management team have a fiduciary responsibility to address continuity and availability risk. In order to successfully fulfill this role, the internal auditor must be able to understand business continuity and the value this risk management discipline can provide to an organization. Our webinar will enable the internal audit professional to be that value-added business continuity participant.