Auditing as a way to increase cyber security
Auditing as a way to increase cyber security

Summary/Abstract: Nowadays, businesses are building bottomless real-time connections with their customers, suppliers, partners, and governments, collecting and selectively sharing huge amounts of data. The value of stored and in-transit information is rising rapidly, driving new markets and generating a need for securely connecting devices and delivering trusted data. Data integrity is a vital component in economy which can pertain to individuals, companies, governments and globally. It is a measure of the validity and reliability of a data. While internal audit has taken some steps toward keeping up with the dynamic changings and complex technology, recently survey indicate that it appears still a challenge to address technology risks as cyber-attacks have become more sophisticated and more complex. Cyber threats to economic security are increasing in frequency, scale, sophistication and severity of impact. The ranges of cyber threat actors, methods of attack, targeted systems and victims are also expanding. In Ernst and Young 2016 report “Creating trust in the digital world”, the company warns that cyber security risks have been underestimated. Cyber security refers to the measures taken to protect company data in computer-based systems from loss, destruction, unauthorized access, or misuse by unintended parties. According to IIA’s 2016 Global Perspectives and Insights, Internal Audit as Trusted Cyber Adviser: “Cyber security must be considered holistically and systemically, as the effects of failure can range from an inability to conduct basic transactions, to loss of intellectual property, to potentially significant reputational damage. It is not solely a technology risk; it is a business risk and, as such, internal auditors have a critical role to play.” How can internal audit help in cyber security? Yet, most survey of board members rate technology risks, most notably cyber, as high (if not at the very top) on the list of their concerns. A growing number of wellinformed internal audit leaders are making steps toward positioning internal audit to be an organization’s trusted cyber adviser by building competencies and demonstrating proficiency in IT issues such as cyber security and big data, and providing a full range of internal audit services related to those issues. The challenge of internal audit departments is not only to understand cyber security risks but to translate that understanding into action.

• Details
• Contents