TechnologyIdentity & AccessReport Analyses Gaps in Companies’ IT Audit Function and Risk Assessments

Report Analyses Gaps in Companies’ IT Audit Function and Risk Assessments

Although companies continue to increase their investments in and dependency on IT resources, many are not doing enough to protect themselves, according to a new survey from consulting firm Protiviti.

The firm has issued its ‘2012 IT Audit Benchmarking Survey’, which claims that a significant number of those organisations do not conduct any type of IT audit risk assessment, and a considerable number of companies that do conduct assessments have critical gaps in their IT audit capabilities.

“There’s no question that IT risks can affect the bottom line. To succeed in today’s business environment, it’s critical for organisations to understand and manage IT risks that emerge with the rapidly escalating use of technology, and the best way to do that is with well-planned IT audit strategies and activities,” said Brian Christensen, Protiviti’s executive vice president (EVP) of global internal audit. “We hope our survey results drive organisations to cast a more critical eye on their own IT audit strategy   whether that means establishing a function or cultivating their IT audit team’s experience and capabilities.

The survey asked 300 professionals worldwide, through an open-ended question that required a write-in response, about the top technology challenges that organisations face today. Protiviti says that the top issues from the perspective of IT audit, including information security, cloud computing, social media, and risk management and governance, are consistent with those commonly cited by C-level executives and IT organisations.

The ‘top 10’ issues cited by participants in the survey, conducted in the first half of 2012, were as follows:

  1. Information security (including data privacy, storage, and management).
  2. Cloud computing.
  3. Social media.
  4. Risk management and governance.
  5. Regulatory compliance.
  6. Technology integration and upgradation.
  7. Resource management.
  8. Infrastructure management.
  9. Fraud monitoring.
  10. Business continuity/disaster recovery.

Related Articles

Investing in tokens – not just a game

Identity & Access Investing in tokens – not just a game

4m Egor Gurjev
Treasurers shouldn't rely solely on banks for blockchain innovation: PwC executive

Automation Treasurers shouldn't rely solely on banks for blockchain innovation: PwC executive

7m Victoria Beckett
Appreciating supply chain cyber risk

Cyber Security & Fraud Appreciating supply chain cyber risk

10m Peregrine Storrs-Fox
The death of the password: biometric banking

Automation The death of the password: biometric banking

10m Paul Sheldon Foote
Ransomware attacks rise, as accidental breaches spark concern

Cyber Security & Fraud Ransomware attacks rise, as accidental breaches spark concern

11m Graham Buck
WannaCry hackers collect ransoms

Cyber Security & Fraud WannaCry hackers collect ransoms

11m Graham Buck
Europol reports rise in ransomware attacks

EEA Europol reports rise in ransomware attacks

11m Graham Buck
Global cyberattack could cost $53bn: Lloyd’s

Financial Crime Global cyberattack could cost $53bn: Lloyd’s

11m Graham Buck