Lewati ke konten utama

Evidence Model

Evidence adalah bukti yang menjelaskan bahwa aktivitas BCM benar terjadi dan dapat diverifikasi. Audit Binder mengambil evidence dari registry lintas modul, bukan dari catatan manual yang tercecer.

Field Evidence

Field	Tujuan
Tenant/site/unit scope	Membatasi evidence ke organisasi, lokasi, dan unit yang benar.
Module code	Menghubungkan evidence ke BCM-01 sampai BCM-23.
Clause/regulation	Menghubungkan evidence ke ISO 22301, regulasi, SLA, kontrak, atau policy internal.
Source type	Document, audit finding, CAPA, incident, exercise, report, Aegis draft, connector job, atau manual record.
Owner/PIC	Penanggung jawab evidence.
Status	Draft, in review, approved, archived, expired, atau rejected.
Version/download URL	File atau artifact yang dapat dibuka/download bila permission cukup.
Audit event reference	Request/action yang menghasilkan atau mengubah evidence.

Sumber Evidence

Modul	Contoh evidence
Scope	Scope document, policy draft/final, BCM team appointment.
Stakeholder	Stakeholder matrix, source file, interest mapping.
Products/Factors/Functions	Scoring, dependency, SPOF, priority approval.
BIA/Risk/Scenario	BIA report, risk register, heatmap, scenario procedure.
BCP/Crisis	Recovery steps, DRP link, approved crisis template.
Awareness/Exercise	Attendance, quiz, certificate, simulation report, finding.
Audit/RTM/CAPA	Checklist, finding, minutes, decision, action evidence, effectiveness review.
Vendor/Incident	Vendor assessment, contract, incident timeline, notification queue, post-incident report.
Documents/Templates	Versioned controlled documents and template lifecycle.
Audit Trail/Integration/Knowledge	Export evidence, connector job log, indexed knowledge source.

Evidence Quality

Evidence lemah bila:

tidak punya owner;
file tidak bisa didownload;
status masih draft tanpa review;
tidak jelas klausul atau modulnya;
berasal dari AI tetapi tidak punya source/citation;
tenant/site/unit tidak sesuai.

Field Evidence
Sumber Evidence
Evidence Quality