Pre Course


ISO22301:2019; LEAD AUDITOR COURSE (Virtual Classroom)
Pre-course Questionnaire
(Request to attempt all the questions given below and send it back to Tutor within a day)
Name of the Training Participant: Mr. Tavhare Kisan Sopan
Training Dates: 18th, 19th, 24th to 26th May 2024
Role : Lead Auditor.
The Organization you work for currently: EXTECH CERTIFICATIONS AND TECHNOLOGY SERVICES PRIVATE LIMITED.
1. What is objectivity and impartiality in the context of an Internal audit?

Objectivity refers to the auditor’s ability to make professional judgments without being
influenced by personal interests or biases. It means that an auditor does not take sides in a
dispute and the audit is conducted based on facts. An auditor is expected to maintain an
impartial, open-minded, unbiased, and fair mental attitude, which is a prerequisite for
achieving quality results that add value to the organization.

Impartiality is closely related to objectivity. It refers to the auditor’s commitment to
fairness and neutrality. Impartiality and objectivity of auditors are basic prerequisites for
an effective and consistent audit. The certification body employing the auditors should be
able to demonstrate how the requirements of impartiality are fulfilled with respect to all of
its operations, including those of its auditors.

Threats to auditor impartiality are sources of potential bias that may compromise, or may
reasonably be expected to compromise, an auditor’s objectivity. Therefore, the certification
body should identify, analyze, evaluate, treat, monitor, and document such risks and
demonstrate how threats are eliminated or minimized.

2. List down the Personal behaviours (Attributes) :

A. Ethical - Fair, truthful, sincere, honest, and discreet.

B. Open-minded - Willing to consider alternative ideas or points of view.

C. Diplomatic - Tactful in dealing with individuals.


D. Observant - Actively observe physical surroundings and activities.
E. Perceptive - Aware of and able to understand situations.
F. Versatile - Able to readily adapt to different situations.
G. Tenacious - Persistent and focused on achieving objectives.
H. Decisive - Able to reach timely conclusions based on logical reasoning and analysis.
I. Self-reliant - Independent and able to perform duties without constant supervision.
J. Acting with fortitude - Able to act courageously and stand up for their beliefs.
K. Open to improvement - Always looking for ways to improve their skills and knowledge.
L. Collaborative - Able to work effectively with others to achieve common goals.

IRCLASS/TRG/PCQ/LAC/BCMS/Rev:04-2021 Page 1|5



1. List down Legal requirements you are familiar with BCMS?

1. Data Protection and Privacy Laws: Organizations must comply with data protection
regulations such as the General Data Protection Regulation (GDPR) in the
European Union or the California Consumer Privacy Act (CCPA) in the United
States. These laws impact how organizations handle personal data during disruptions.
2. Industry-Specific Regulations: Various industries have specific legal requirements
related to business continuity. For example:

a. Financial Services: Compliance with regulations like the Sarbanes-Oxley
Act (SOX) or Basel III.
b. Healthcare: Adherence to the Health Insurance Portability and
Accountability Act (HIPAA).
c. Utilities: Compliance with regulations governing critical infrastructure
protection.

3. Contractual Obligations: Organizations often have contractual agreements with
clients, suppliers, and partners. These contracts may include provisions related to
business continuity planning, disaster recovery, and service-level agreements.
4. Labor Laws: Ensuring employee safety during disruptions is essential. Labor laws
dictate requirements for employee protection, evacuation plans, and remote work
arrangements.
5. Insurance Requirements: Organizations may need to meet specific insurance
requirements related to business interruption coverage, property damage, and liability.
6. Local and National Laws: Legal requirements can vary by country, state, or region.
Organizations must be aware of local laws related to emergency management,
workplace safety, and continuity planning.

4. What are the ISO22301 requirements related to BCMS objectives?

1. Continual Improvement: Organizations must actively seek areas for improvement within their
BCMS. By setting objectives, implementing changes, and monitoring progress, they enhance
the system’s effectiveness and efficiency.
2. Organizational Learning: ISO 22301 encourages learning from disruptions. Organizations
analyze incidents, adapt their strategies, and apply lessons learned to strengthen their BCMS.

5. ISO22301 states “changes shall be carried out in planned manner”. What do you mean by this phrase?

1. Planning: Before implementing any changes, organizations should create a detailed plan.
This plan outlines the purpose, scope, impact, resources needed, and potential risks
associated with the change.
2. Risk Assessment: Evaluate the potential impact of the change on your BCMS. Identify
any risks or unintended consequences and develop mitigation strategies.
3. Communication: Inform relevant stakeholders about the planned changes. Transparency
ensures everyone is aware and prepared for the upcoming modifications.
4. Testing: Test the proposed changes in a controlled environment. This helps identify any
issues before full implementation.
5. Documentation: Document the entire process, including the rationale behind the change,
steps taken, and outcomes. This documentation is essential for future reference and audits.

6. What is the definition of competence as per ISO22301?

Answer:

A. Determine the necessary competence for personnel performing work affecting the
BCMS.
B. Ensure that personnel are competent based on appropriate education, training, or
experience.
C. Maintain records of education, training, skills, and experience.

5. What is the difference between correction and corrective action?

Answer: A correction is an immediate response to a known problem.

Corrective action is a measured response to an undesirable situation.

6. As per ISO22301, what should a person working under the control of the organization be aware of?
Answer:-
A. The business continuity policy and objectives.
B. Their contribution to the effectiveness of the Business Continuity Management
System (BCMS), including the benefits of improved performance.
C. The implications of not conforming with the BCMS requirements.
D. Their roles and responsibilities within the organization for ensuring the effective
operation of the BCMS.

7. What are the responsibilities of Leadership as per ISO22301:2019?

Answer: Setting Clear Objectives, Allocating Resources, Demonstrating Commitment, Creating
Resilience Culture, Monitoring Progress.

8. What is Business Impact Analysis?

A Business Impact Analysis (BIA) is a detailed examination of an organization’s potential challenges
or risks. It evaluates the possible effects of financial, natural, or business disruptions on the
company’s daily operations and its ability to remain profitable in the long term.

9. What are the resource requirements pertaining to business continuity solutions?

Ans: - Resource Allocation, Archer Business Resiliency, Continuous availability, Cloud Back Ups.

10. Do you have any exposure to Business Continuity Planning & Procedures etc.?

Ans:- BCP involves creating strategies to ensure an organization’s critical functions continue
during disruptions. Key steps include risk assessment, impact analysis, plan development, testing,
and maintenance.

11. List down content of the Business Continuity Plan?

A. BCP Team
B. Business Impact Analysis (BIA)
C. Risk Mitigation
D. Business Continuity Strategies
E. Training

F. Testing

12. Have you ever participated in Business Continuity Exercising? If yes,
what did you enjoy the most in that exercising & testing?

Answer: - Yes.

Collaboration, Problem-Solving, Learning, Adrenaline, Seeing Plans in Action.

SIGNATURE:
