Protiviti - From Cybersecurity to Collaboration: Assessing the Top Priorities for Internal Audit Functions
Will 2015 be a repeat of 2014 and become the year of the data breach?Organizations of all kinds and sizes are experiencing a troubling number of cybersecurity issues, challenges and breakdowns. IT departments clearly have major responsibilities in addressing these areas. But internal auditors also play a vital role in securing the organization by working closely with executive management and functional leaders to ensure that cybersecurity is incorporated into the flow of common business and its multitude of processes.
In this year’s Internal Audit Capabilities and Needs Survey, we’ve devoted a special section to the current state of cybersecurity. Our findings show that, not surprisingly, cybersecurity represents a major focus for internal audit programs, but it is far from the only pressing issue on internal audit’s plate.
- - Board engagement and the audit plan represent keys to effective cybersecurity – When it comes to cybersecurity, top-performing organizations have both high board engagement as well as defined cybersecurity measures in the annual audit plan.
- - The list of internal audit priorities continues to grow – There are cybersecurity issues; risks related to emerging technologies (e.g., social media, cloud computing and mobile applications); increasing regulatory compliance requirements; and new guidance and standards from The IIA, ISO and COSO. These and other priorities are requiring internal auditors to be nimble and adaptive in helping their organizations address rapidly evolving demands.
- - Technology-enabled auditing is on the rise – Competing urgencies on a lengthy priorities list are driving more internal audit functions to increase their investment in, and use of, technology- enabled auditing approaches and tools.
- - More are focused on marketing and collaboration – Internal audit leaders and staff are focused more than ever on conveying to the rest of the organization the function’s mission, value and risk-related concerns. They also want to increase their collaboration as strategic partners with executive management, other functional leaders and the board to help the organization understand its risks and achieve its strategic objectives.