Auditing Disaster Recovery & Business Continuity Planning

When:  May 15, 2019 from 8:00 AM to 5:00 PM (ET)

Seminar Objective

This seminar is intended to provide an auditor the base level knowledge required to perform a Disaster Recovery and Business Continuity audit.


Who Should Attend

 This seminar is designed for IT, Integrated and Operational Auditors at all levels.


Seminar Outline

 1. Introduction

  • What is a Business Continuity Plan?
  • What is Disaster Recovery Plan?
  • What have been the traditional types of audits performed which cover Business Continuity and Disaster Recovery
2. Business Impact Analysis (BIA)
  • Understanding Recovery Point Objects and Recovery Time Objectives and how they are used to validate backup and recovery strategies
  • Alternative methods for establishing the BIA
  • Approaches to auditing the BIA
3. Risk Assessment
  • Alternative methods for establishing the Risk Assessment
  • Approaches to auditing the Risk Assessment
4. Backup Strategies
  • Alternative methods for data backups
  • Backup
  • Replication
  • Clustering
  • Approaches to auditing the data backups
5. Business Continuity/Disaster Recovery Plans
  •  Understanding the different types of Business Continuity/Disaster strategiesMulti-site strategies
  • Cloud Computing (SaaS, IaaS, PaaS, AWS)
  • OnPremises hosted systems
  • Purpose of the Plans
  • Alternative methods used within the Industry
  • Administrative components of the Plan
  • Business level plan development and deployment
  • IT Plan components
  • Onsite Disaster Recovery
  • Migration to the offsite DR site
  • Operating at the DR Site
  • Return from DR site to the production site
  • Approaches to auditing the Business Continuity/Disaster Recovery Plans 
6. Disaster Recovery/Business Continuity Testing
  •  Alternative methods to conducting Disaster Recovery/Business Continuity Tests
  • Approaches to auditing the Disaster Recovery/Business Continuity Testing



Mitchell H. Levine, CISA, is the founder of Audit Serve, Inc. which is an IT Audit & Systems consulting company.   For the last 27 years at Audit Serve, Mr. Levine has split his time between traditional IT & Integrated Audit consulting projects, PCI Implementations, and Infrastructure project such as deploying change control systems and developing Disaster Recovery Plans.


Mr. Levine spends 220+ days per year consulting which is the basis for the materials included in the seminars he teaches.


Over the past six years Mr. Levine has presented over 90 seminars to twenty-one different ISACA & IIA chapters. Mr. Levine also was the primary writer and editor of Audit Vision which is published monthly and has a subscription base of over 3,500 audit & security professionals.


Prior to establishing Audit Serve, Inc. in 1990, Mr. Levine was an IT Audit Manager at Citicorp where his duties included managing a team of IT Auditors who were responsible for auditing 25+ service bureaus and the corporate financial systems.



125 High Street
Boston, MA 02110