[WS24] ISO 22301:2019营运持续管理主任审核员证书培训课程(CQI和IRCA认可)

 ISO 22301:2019 Lead Auditor (Business Continuity Management Systems) Training Course


This CQI (Chartered Quality Institute) /IRCA (International Register of Certificated Auditors) certified Information Security Management Systems (ISMS) Auditor / Lead Auditor Training Course is part of International recognized CQI/IRCA ISMS Auditor Certification programme.

The successful completion of this course is pre-requisite and essential to becoming a CQI/IRCA ISMS Auditor.  


Learning objectives

  • Learn how to explain the purpose and business benefits of a BCMS, of BCMS standards, of management system audit and of third-party certification
  • Learn how to explain the role of an auditor to plan, conduct, report, and follow-up a BCMS audit in accordance with ISO 19011 (and ISO 17021) where appropriate
  • Learn the how to plan, conduct, report and follow-up an audit of a BCMS to establish conformity (or otherwise) with ISO 22301 in accordance with ISO 19011 (and ISO 17021 where appropriate)


Course benefits

  • Your organization will have an internal resource and process to be able to conduct its own audit of its BCMS to assess and improve conformance with ISO 22301
  • You will gain a professional qualification that certifies that you have the knowledge and skills to be able to lead a team to conduct an audit of a BCMS in any organization
  • Successful auditing will improve the business continuity capability and quality to meet market assurance and corporate governance needs
  • Understand how to identify gaps in a BCMS system
  • Accurately audit will be able to provide continuous improvement to a management system
  • Meet training requirements for IRCA auditor certification


Who should attend?

This course is intended for those who will be involved in leading audits of a BCMS that conforms to ISO 22301:2012 in any organization. Suggested job functions and their teams include:

  • Those wishing to implement a BCMS in accordance with ISO 22301
  • Management professionals who operate emergency response services, i.e. data center, help desk, problem management
  • The existing auditor who wants to expand their auditing skills 
  • Consultants who wish to provide advice on ISO 22301 implementation
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers


Course outline

Day 1: Business continuity management systems knowledge (ISO 22301)

  • Terms and definitions 

  • Management system structure (MSS) and process approach (PDCA)

  • Understanding of organization, interested and their requirements 

  • Management system scoping 

  • Top management leadership, management system policy and objectives 

  • Support the management system 

Day 2: Business continuity risk management

  • Business risk management requirements and process (BIA, business impact analysis)

  • Risk assessment (identify the risk, risk analysis, and risk evaluation)

  • Risk treatment (business continuity strategy)

  • Incident management process

  • Business continuity management and plans (BCPs) 

  • BCM exercising and testing

  • Documented management system (standard requirements and from the organization)  

Day 3: Guidelines for auditing management systems (ISO 19011) - Audit simulate the process of planning, preparation for an audit

  • Roles and responsibilities in an audit 

  • Management performance evaluation and continual improvement requirements 

  • Different types of audit

  • Audit programme and purpose

  • Planning an audit (initiate the audit, feasibility analysis)

  • Conduct a Stage 1 audit (document review)

  • Preparation for Stage 2 (on-site) audit - audit plan

  • Preparation of audit work documents includes checklist and audit trails 

Day 4: Guidelines for auditing management systems (ISO 19011) - Audit simulate the opening meeting, on-site audit activities, and role-play

  • Opening meeting

  • Roleplay for audit scenarios 

  • Practice audit skills of collecting audit evidence

  • Prepare audit findings and results, includes conformance, non-conformity (NC), and opportunity for improvement (OFI) 

  • Prepare audit report 

Day 5: Guidelines for auditing management systems (ISO 19011) - Audit simulate the closing of on-site audit - close meeting and follow-up

  • Audit conclusion 

  • Closing meeting 

  • Audit follow-up

  • Evaluating correction, corrective action including root cause analysis and audit finding closure

  • Management system certification 

  • Course summary and examination 


RTTP Funding Sponsorship

The following training class has been included in the list of registered public courses under the Reindustrialisation and Technology Training Programme (RTTP) so it is entitled to apply for the funding sponsorship.

  • RTTP Course Code:  HKQAA/2/2022(RT)

  • Course Date:  16-20 May, 2022 (5-day course)

  • The subsidy is applicable ONLY to the classroom training at regualr course fee HK$9,800.

How to apply for RTTP?  Click here


Should you have any questions, please contact Ms. Joanne Chan during office hour. 

Tel: (852) 6050 8153                         Email:

Office Hour: 9 a.m. to 6 p.m. (Monday to Friday)


備注: “HKQAA reserves the right to cancel the course, change the trainer, content, date, time and / or venue as necessary. Please read the terms and conditions at the bottom of this page before enrolment.” Course time : 09:30 - 17:00 Early bird discount fee : settle fee one month before the course No Group discount.





课程费用 (提早报名)


WS24E/HK-06A (Virtual class) 5-9 June 2023 5 days 12000 10800 英語 - 輔以英文講議 香港北角渣华道191号嘉华国际中心19楼
WS24E TBA 5 days 12000 10800 英語 - 輔以英文講議 香港北角渣华道191号嘉华国际中心19楼

申请 条款及条件



最后更新:2023-03-24    免责声明
Copyright © 2009 香港品质保证局. 版权所有 不得转载