Security tops the list of priorities for internal audit
MENLO PARK, CA – A survey of internal audit professionals put the international standard for information security (ISO27000) at the top of priorities for improvement. The study was carried out by internal audit and risk management consultancy and software provider Protiviti.
A total of 516 internal audit professionals, a third of them chief audit executives, participated in the research, which highlighted the growing number of IT and data security risks.
Bob Hirth, Protiviti’s executive vice-president of global internal audit solutions, says: “An ever-increasing reliance on IT-generated data and the plethora of data security breaches are contributing to the need for internal auditors to enhance their skills in this critical area. Clearly, more organisations view themselves to be vulnerable to such risks and are relying on internal auditors to help mitigate and monitor them.”
Behind ISO27000 came the interrelated issues of better enterprise-wide risk management and fraud risk management.
“Now, more than ever, the internal audit profession requires innovative thinkers who are ready to meet a wide range of GRC challenges, explore new technologies, identify and help to mitigate emerging risks, and develop creative solutions to today's complex business challenges,” says Hirth.
More on Operational Risk
Pay reform won't solve all of banks' problems, academics warn
Decision-making failures are being tackled in three very different ways
Criminals targeting one big hit rather than multiple smaller thefts
Operational risk loss data – September 2014
Sign up for Risk.net email alerts
Sponsored webinar: IBM
Watch highlights of this year's London conference
Operational risk and the challenges of defining and dealing with conduct risk
Watch discussions and speakers from our North America conference
There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.