<!-- This is the markdown version of https://www.fixinc.io/disciplines/itdr-program-review-and-audit -->
<!-- Canonical URL: https://www.fixinc.io/disciplines/itdr-program-review-and-audit -->

# ITDR Program Review and Audit

> Structured audit service that evaluates IT Disaster Recovery program capabilities including technical controls, team readiness, documentation, and test records to identify gaps and deliver prioritised recommendations. 

*This content is available in full at: https://www.fixinc.io/disciplines/itdr-program-review-and-audit*

If you are not reviewing your ITDR program regularly, you are relying on hope rather than validated capability. This module audits your entire recovery capability including systems, people, and plans to ensure they are aligned, current, and ready.

## Service Delivery Approach

Fixinc delivers ITDR Program Review and Audit through four structured steps aligned with the Plan-Do-Check-Act methodology:

1. **Plan**: Agile, first-principles planning ensures a smooth rollout of your refreshed program
2. **Do**: ITDR Program Review and Audit is rolled out smoothly at your organisation
3. **Check**: Your ITDR Program Review and Audit is draft until validated; we address this through structured validation
4. **Act**: Your team and ours will be ready when your ITDR Program Review and Audit is activated in real-life situations

## Audit Process

Fixinc conducts a structured audit of your ITDR program including:

- Technical controls assessment
- Team readiness evaluation
- Documented information review
- Test records analysis
- Recovery objectives evaluation
- System prioritisation assessment
- End-to-end coordination review

Where gaps are found, prioritised recommendations are provided that feed directly into your Corrective Action Plan or [Maintenance Program](https://docs.fixinc.io/maintenance-program.md).

## Audit Approach

The audit approach is collaborative rather than confrontational. Fixinc brings deep recovery experience and fresh thinking to uncover what has been overlooked rather than simply ticking boxes. The team understands [ITDR](https://docs.fixinc.io/service/itdr.md) from the technical trenches to the boardroom and translates that insight into clear, actionable guidance that strengthens your program for the long term.

## Engagement Process

### Initial Consultation

- A link will be sent via email from the Advisory team
- You select a convenient time to chat via phone, Teams, Zoom, or in person
- 30-45 minute discussion to share your objectives
- Fixinc shares delivery approach with opportunity for questions

### Proposal and Quote

- Proposal delivered within 24 hours detailing scope of work
- Discussion scheduled one week later
- Final quote provided for signing within 10 minutes of discussion
- If not signed within 5 weeks, the engagement is considered not the right timing

## Delivery Phases

### Review and Health Check

All ITDR Program Review and Audit implementations start with a deep review of what is already in place. Benchmarks are set based on best practice and ISO standards.

### Design and Develop

With appropriate involvement from your team, Fixinc builds out the ITDR Program Review and Audit component of your ITDR program to the highest quality available.

### Validate

Where appropriate, testing and validation of your new ITDR Program Review and Audit discipline is conducted. This provides tangible evidence of capability and maturity to your stakeholders.

### Maintain

Momentum is the primary setback for organisations embedding resilience. A plan is built to ensure your ITDR Program Review and Audit runs annually.

## Related ITDR Disciplines

Expand your ITDR Program Review and Audit with additional disciplines that ensure a modern organisation can withstand and thrive through the threat landscape:

- [ITDR Component Testing](https://docs.fixinc.io/disciplines/itdr-component-testing.md): Tests individual ITDR components from backup systems to restoration protocols
- [Disaster Recovery Training](https://docs.fixinc.io/disciplines/disaster-recovery-training.md): Trains leaders, operators, and support teams on ITDR roles and response
- [ITDR Test Exercise](https://docs.fixinc.io/disciplines/itdr-test-exercise.md): Simulates real-world IT disaster to test team response and recovery speed
- [ITDR System Analysis](https://docs.fixinc.io/disciplines/itdr-system-analysis.md): Maps infrastructure, uncovers risks, and provides visibility during disruption
- [ITDR Training](https://docs.fixinc.io/disciplines/itdr-training.md): Transforms ITDR knowledge into team-wide capability
- [Cyber Response Exercise](https://docs.fixinc.io/disciplines/cyber-response-exercise.md): Simulates targeted cyber events to test response speed and precision
- [ITDR Business Impact Analysis Report](https://docs.fixinc.io/disciplines/itdr-business-impact-analysis-report.md): Delivers structured reporting from ITDR Business Impact Analysis
- [IT Applications and Systems Mapping](https://docs.fixinc.io/disciplines/it-applications-and-systems-mapping.md): Maps every application and system in your environment
- [ITDR Plan Training for Technical Teams](https://docs.fixinc.io/disciplines/itdr-plan-training-for-technical-teams.md): Trains IT and infrastructure teams on recovery plan execution
- [ITDR Plan Development](https://docs.fixinc.io/disciplines/itdr-plan-development.md): Builds recovery plans around operational reality
- [ITDR Business Impact Analysis](https://docs.fixinc.io/disciplines/itdr-business-impact-analysis.md): Focuses IT recovery on business-critical systems
- [ITDR Threat Analysis](https://docs.fixinc.io/disciplines/itdr-threat-analysis.md): Analyses evolving threat landscape for recovery planning

## Frequently Asked Questions

**What does the ITDR Program Review and Audit discipline involve when delivered by Fixinc?**

ITDR Program Review and Audit at Fixinc is built to be clear, structured, and aligned with the Tungsten Diamond lifecycle. It is tailored to your program maturity and backed by real-world application.

**Does ITDR Program Review and Audit link to other services or tools you offer?**

Yes. ITDR Program Review and Audit often feeds into other services like planning, validation, or digital tools. It is designed to integrate rather than sit in a silo.

**How do we know when our ITDR Program Review and Audit activity is fully effective?**

Success is validated through exercises, engagement, and outcomes. If your ITDR Program Review and Audit effort drives action, conversation, and continuous use, it is working.

**What kind of outcomes can we expect from engaging in ITDR Program Review and Audit?**

Clients typically gain clarity, leadership alignment, and a measurable shift in preparedness through ITDR Program Review and Audit delivery regardless of their starting point.

**How is ITDR Program Review and Audit different from traditional approaches?**

Unlike templated models, ITDR Program Review and Audit work adapts to the client's sector, stakeholders, and risk profile. It is hands-on, flexible, and always validated.

## Case Studies

- [OceanaGold](https://docs.fixinc.io/case-studies/oceanagold.md): Embedded business continuity into mining operations across multiple countries
- [NTT](https://docs.fixinc.io/case-studies/ntt.md): Responded to high-profile global cyber incident in real time
- [Optus](https://docs.fixinc.io/case-studies/optus.md): Reset continuity and recovery programs following high-profile disruption

---

**View this page online:** https://www.fixinc.io/disciplines/itdr-program-review-and-audit

For program inquiries: [Contact Fixinc](https://www.fixinc.io/contact) | info@fixinc.org | +64 800 349 462