Professional Track
Professional Track
ISO 22301 Auditor
Develop the skills to plan, conduct and evaluate audits against ISO 22301 in real organisational contexts.
Auditor
Business Continuity
ISO 22301
Auditing business continuity beyond documented plans
Auditing business continuity beyond documented plans
By focusing on critical activities, recovery capabilities and evidence from exercises and operations, this track builds the capability to assess whether a BCMS will actually perform under disruption.
By focusing on critical activities, recovery capabilities and evidence from exercises and operations, this track builds the capability to assess whether a BCMS will actually perform under disruption.
By focusing on critical activities, recovery capabilities and evidence from exercises and operations, this track builds the capability to assess whether a BCMS will actually perform under disruption.
Overview
The ISO 22301 Auditor Track is designed for professionals who audit Business Continuity Management Systems in different organisational and audit contexts. Rather than approaching audits as a review of documented plans alone, the programme focuses on evaluating preparedness, prioritisation and the organisation’s ability to respond to and recover from disruption.
The track covers the full audit lifecycle and emphasises evidence-based judgement of BCMS effectiveness. Participants learn how to assess whether continuity strategies, recovery capabilities and governance arrangements are coherent, realistic and aligned with organisational objectives, and how to evaluate performance using evidence from exercises, incidents and operational practice.
The programme combines cross-standard auditing modules with business-continuity-specific content. Most modules are shared with other Halderstone auditor tracks, allowing participants to expand into additional standards without repeating core audit training. Context-specific modules support specialisation for internal audits, supplier audits or certification audits. A final assessment consolidates the learning in a realistic ISO 22301 audit scenario.
The ISO 22301 Auditor Track is designed for professionals who audit Business Continuity Management Systems in different organisational and audit contexts. Rather than approaching audits as a review of documented plans alone, the programme focuses on evaluating preparedness, prioritisation and the organisation’s ability to respond to and recover from disruption.
The track covers the full audit lifecycle and emphasises evidence-based judgement of BCMS effectiveness. Participants learn how to assess whether continuity strategies, recovery capabilities and governance arrangements are coherent, realistic and aligned with organisational objectives, and how to evaluate performance using evidence from exercises, incidents and operational practice.
The programme combines cross-standard auditing modules with business-continuity-specific content. Most modules are shared with other Halderstone auditor tracks, allowing participants to expand into additional standards without repeating core audit training. Context-specific modules support specialisation for internal audits, supplier audits or certification audits. A final assessment consolidates the learning in a realistic ISO 22301 audit scenario.
Learning outcomes
Explain the purpose and principles of auditing a Business Continuity Management System.
Plan and prepare BCMS audits based on critical activities, priorities and disruption risks.
Evaluate business impact analyses and continuity strategies for adequacy and realism.
Audit response, recovery and communication arrangements.
Assess exercises, tests and incident handling as evidence of BCMS effectiveness.
Identify and classify nonconformities and opportunities for improvement.
Write clear, factual and actionable audit findings.
Communicate professionally with auditees and manage challenging situations.
Verify corrective actions and assess their effectiveness.
Contribute to continual improvement of organisational resilience through audit insights.
Explain the purpose and principles of auditing a Business Continuity Management System.
Plan and prepare BCMS audits based on critical activities, priorities and disruption risks.
Evaluate business impact analyses and continuity strategies for adequacy and realism.
Audit response, recovery and communication arrangements.
Assess exercises, tests and incident handling as evidence of BCMS effectiveness.
Identify and classify nonconformities and opportunities for improvement.
Write clear, factual and actionable audit findings.
Communicate professionally with auditees and manage challenging situations.
Verify corrective actions and assess their effectiveness.
Contribute to continual improvement of organisational resilience through audit insights.
Modular architecture
Two credentials with one track
Halderstone Professional Certificate in Management System Auditing
The Halderstone Professional Diploma in Management Systems Auditing certifies a strong, cross-standard foundation in management system auditing. It focuses on audit principles, methods and judgement that apply consistently across standards such as ISO 9001, ISO 14001, ISO/IEC 27001, ISO 22301 and ISO/IEC 42001.
The diploma demonstrates that you can plan and conduct audits, gather and evaluate objective evidence, assess system effectiveness and formulate clear, defensible audit conclusions. It confirms your ability to audit management systems beyond checklists, with a focus on risk, performance and continual improvement.
This core diploma is shared across all Halderstone Auditor tracks and provides the foundation for adding additional audit specialisations with minimal additional effort.
The Halderstone Professional Diploma in Management Systems Auditing certifies a strong, cross-standard foundation in management system auditing. It focuses on audit principles, methods and judgement that apply consistently across standards such as ISO 9001, ISO 14001, ISO/IEC 27001, ISO 22301 and ISO/IEC 42001.
The diploma demonstrates that you can plan and conduct audits, gather and evaluate objective evidence, assess system effectiveness and formulate clear, defensible audit conclusions. It confirms your ability to audit management systems beyond checklists, with a focus on risk, performance and continual improvement.
This core diploma is shared across all Halderstone Auditor tracks and provides the foundation for adding additional audit specialisations with minimal additional effort.
Halderstone Specialist Certificate in ISO 22301 Auditing
The ISO 22301 auditing specialisation focuses on applying general auditing principles to the specific challenges of auditing Business Continuity Management Systems. It addresses how to move beyond checking the existence of continuity plans and instead assess whether preparedness, recovery strategies and governance arrangements are realistic and effective.
The specialisation emphasises evaluating business impact analyses, continuity strategies and recovery capabilities using objective evidence from exercises, incidents and operational practice. It also covers assessing roles, escalation paths and communication arrangements, and forming balanced audit judgements about organisational resilience. The focus is on audits that provide meaningful insight into continuity readiness and support measurable improvement, regardless of whether the audit context is internal, supplier-based or third-party certification.
The ISO 22301 auditing specialisation focuses on applying general auditing principles to the specific challenges of auditing Business Continuity Management Systems. It addresses how to move beyond checking the existence of continuity plans and instead assess whether preparedness, recovery strategies and governance arrangements are realistic and effective.
The specialisation emphasises evaluating business impact analyses, continuity strategies and recovery capabilities using objective evidence from exercises, incidents and operational practice. It also covers assessing roles, escalation paths and communication arrangements, and forming balanced audit judgements about organisational resilience. The focus is on audits that provide meaningful insight into continuity readiness and support measurable improvement, regardless of whether the audit context is internal, supplier-based or third-party certification.
Modular architecture
Module recognition across tracks
Previously completed modules are recognized, avoiding duplication when pursuing additional Halderstone tracks.
Core Modules
Specialization Modules
Capstone Project
Final Exam
Core Modules
Specialization Modules
Capstone Project
Final Exam
Core Modules
Specialization Modules
Capstone Project
Final Exam
Most modules in this track are shared with other Halderstone auditor tracks, such as ISO/IEC 27001 Auditor or ISO 9001 Auditor. This allows you to extend your auditor qualification to additional standards with limited additional training, while reusing the same core audit methodology.
For example, completing the ISO 22301 Auditor Track brings you close to qualifying as an ISO/IEC 27001 or ISO 9001 Auditor. The additional effort is typically 1–2 domain-specific modules, depending on the standard and audit context.
Track composition
Track composition
Track composition
Full curriculum
Core modules
Shared foundations common to all tracks
System Foundations
Understand organisational context, stakeholders, and system boundaries
7 h
System Foundations
Understand organisational context, stakeholders, and system boundaries
7 h
System Foundations
Understand organisational context, stakeholders, and system boundaries
7 h
Risk Management Foundations
Learn the fundamentals of identifying, evaluating, treating, and monitoring risks and opportunities across management systems.
7 h
Risk Management Foundations
Learn the fundamentals of identifying, evaluating, treating, and monitoring risks and opportunities across management systems.
7 h
Risk Management Foundations
Learn the fundamentals of identifying, evaluating, treating, and monitoring risks and opportunities across management systems.
7 h
Objectives & Performance Foundations
Learn the fundamentals of objective setting, KPI definition, and KPI governance for management systems
7 h
Objectives & Performance Foundations
Learn the fundamentals of objective setting, KPI definition, and KPI governance for management systems
7 h
Objectives & Performance Foundations
Learn the fundamentals of objective setting, KPI definition, and KPI governance for management systems
7 h
Management Review Foundations
Learn the fundamentals of planning, conducting, and documenting management reviews using integrated inputs and decision-focused outputs
7 h
Management Review Foundations
Learn the fundamentals of planning, conducting, and documenting management reviews using integrated inputs and decision-focused outputs
7 h
Management Review Foundations
Learn the fundamentals of planning, conducting, and documenting management reviews using integrated inputs and decision-focused outputs
7 h
Improvement Management
Understand corrective actions, root cause analysis, action tracking, and effectiveness verification in management systems
7 h
Improvement Management
Understand corrective actions, root cause analysis, action tracking, and effectiveness verification in management systems
7 h
Improvement Management
Understand corrective actions, root cause analysis, action tracking, and effectiveness verification in management systems
7 h
Audit Foundations
Core audit mindset, evidence logic, materiality-based focus, and audit test plan design.
7 h
Audit Foundations
Core audit mindset, evidence logic, materiality-based focus, and audit test plan design.
7 h
Audit Foundations
Core audit mindset, evidence logic, materiality-based focus, and audit test plan design.
7 h
Audit Execution: Communication & Interviewing
Interview planning, questioning, and conversation control for reliable audit evidence
7 h
Audit Execution: Communication & Interviewing
Interview planning, questioning, and conversation control for reliable audit evidence
7 h
Audit Execution: Communication & Interviewing
Interview planning, questioning, and conversation control for reliable audit evidence
7 h
Audit Reporting & Follow-up
Understand how to write evidence-based findings, structure audit reports, and follow up agreed actions to verified closure.
7 h
Audit Reporting & Follow-up
Understand how to write evidence-based findings, structure audit reports, and follow up agreed actions to verified closure.
7 h
Audit Reporting & Follow-up
Understand how to write evidence-based findings, structure audit reports, and follow up agreed actions to verified closure.
7 h
Audit Programme Management
Understand audit programme governance, risk-informed audit portfolios, supplier audit integration, resourcing, and programme-level reporting
7 h
Audit Programme Management
Understand audit programme governance, risk-informed audit portfolios, supplier audit integration, resourcing, and programme-level reporting
7 h
Audit Programme Management
Understand audit programme governance, risk-informed audit portfolios, supplier audit integration, resourcing, and programme-level reporting
7 h
Supplier Audit Execution
Plan and conduct supplier audits using contract-based criteria, evidence targets, and disciplined audit documentation.
7 h
Supplier Audit Execution
Plan and conduct supplier audits using contract-based criteria, evidence targets, and disciplined audit documentation.
7 h
Supplier Audit Execution
Plan and conduct supplier audits using contract-based criteria, evidence targets, and disciplined audit documentation.
7 h
Third-party Auditing Context
Understand the accreditation–certification ecosystem, certification audit lifecycle, impartiality boundaries, and decision interfaces.
7 h
Third-party Auditing Context
Understand the accreditation–certification ecosystem, certification audit lifecycle, impartiality boundaries, and decision interfaces.
7 h
Third-party Auditing Context
Understand the accreditation–certification ecosystem, certification audit lifecycle, impartiality boundaries, and decision interfaces.
7 h
Specialization modules
Role-specific modules that deepen your expertise in ISO 22301 Auditing
Business Continuity Strategies & Solutions
Understand continuity strategy options, solution design components, and decision criteria aligned to ISO 22301 time-based requirements
7 h
Business Continuity Strategies & Solutions
Understand continuity strategy options, solution design components, and decision criteria aligned to ISO 22301 time-based requirements
7 h
Business Continuity Strategies & Solutions
Understand continuity strategy options, solution design components, and decision criteria aligned to ISO 22301 time-based requirements
7 h
Capstone project and final exam
Practical and theoretical demonstration of your acquired competence in ISO 22301 Auditing
The track concludes with a combined assessment:
a written exam covering the essential principles of management system auditing and business continuity auditing, and
a practical audit case in which participants plan, conduct and report an audit of a Business Continuity Management System for a defined audit scenario.
The audit case includes analysing organisational context and critical activities, defining audit scope and criteria, evaluating continuity strategies and recovery capabilities, reviewing evidence from exercises or incidents, and formulating clear audit findings and conclusions. The assessment emphasises evidence-based judgement and audit reasoning rather than checklist-based verification.
Continuous learning
Other tracks
Ready to achieve mastery?
Bring ISO requirements into everyday practice to reduce avoidable issues and strengthen the trust of your customers and stakeholders.
Ready to achieve mastery?
Bring ISO requirements into everyday practice to reduce avoidable issues and strengthen the trust of your customers and stakeholders.
Ready to achieve mastery?
Bring ISO requirements into everyday practice to reduce avoidable issues and strengthen the trust of your customers and stakeholders.