Every business process is supported by assets, information, and expertise, without which, the process cannot function. The deprivation of any of these essential inputs will prevent the process from producing appropriate results. Contingency planning is inherent to a comprehensive risk assessment process as it seeks to identify the critical inputs required for successful process execution, and the potential for disruption in the availability of these inputs. The contingency plan defines the minimum required level of activity which must be accomplished despite the disruption, as well as the mitigating actions and resources to be made available to accomplish that level of activity.

Management should consider that transactions processed during a disruption will likely be processed using alternate procedures to those used during the normal business process. For this reason, recovery procedures should define actions to review transactions processed under the alternate processing procedures to ensure all transactions processed conformed to the intent of management. The concepts of fraud deterrence still hold during an outage period.

We can help management understand the role of supporting inputs in the achievement of their business objectives. Additionally, our background in fraud and control improvement can additionally provide management with greater assurance that assets are safeguarded during the outage period.