When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this during internal audits to test whether A.5.30 ICT Readiness for Business Continuity is designed, implemented, operating, and evidenced.
Audit checklist
- BIA or continuity analysis identifies priority ICT services and recovery sequence.
- RTO, RPO, and service restoration expectations are documented and approved.
- Recovery playbooks are available to responders and usable under stress.
- ICT continuity tests cover important systems and likely failure modes.
- Test findings and real continuity events lead to improvements.
- Supplier ICT continuity arrangements are reviewed or tested where dependency is significant.
Evidence requested
- Procedure or plan reviewed.
- Business owner interviewed.
- IT or continuity owner interviewed.
- Sample test or event record reviewed.
- Evidence location recorded.
- Gaps converted into findings or corrective actions.
Related notes
- Iso27001
- ISO27002
- Template
- Audit
- A5 30
Note Metadata
Aliases: A.5.30 Checklist
Source: 90 Templates/A.5.30 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.