STOCK TITAN

Cybersecurity, Privacy, Data and Regulatory Compliance Rank as Top IT Audit Risks

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Neutral)
Tags
Rhea-AI Summary

A new survey by Protiviti and ISACA reveals that cybersecurity is the primary risk facing IT audit departments, with issues like data privacy and regulatory compliance also being significant concerns. Conducted in late 2021, the survey of over 7,500 IT audit professionals indicates a heightened perception of the technology risk landscape, exacerbated by increasing cyberattacks. Notably, 20% of organizations do not plan to address cybersecurity risks in their 2022 audit plans. The top risks identified include cyber breaches, managing security incidents, and privacy issues.

Positive
  • Survey highlights the crucial role of data management and security in organizations.
  • Increased awareness of cybersecurity risks among IT audit leaders and professionals.
Negative
  • One in five organizations do not plan to address cybersecurity risks in their audit plans.
  • Heightened perception of risk suggests a more dangerous environment for IT audits.

New study by Protiviti and ISACA underscores security risks looming large in today's dynamic threat landscape

MENLO PARK, Calif., June 27, 2022 /PRNewswire/ -- A new survey conducted by Protiviti and ISACA found that cybersecurity is the chief risk for IT audit departments, with several related risks such as privacy and data as well as regulatory compliance also ranking as top concerns.

The top risks cited in this year's survey highlight the vital yet sensitive role that data plays in organizations today.

Responses to this year's edition of the annual technology and audit benchmarking survey, titled "IT Audit Perspectives on Today's Top Technology Risks," indicate that IT audit teams are perceiving the current technology risk landscape as much more threatening than in the past. War-related cyberattacks are on the rise, the surge of sophisticated ransomware attacks is ongoing and remote work continues to subject many organizations to new cybersecurity risks. Yet despite heightened concerns, the survey revealed that one in five organizations do not expect their 2022 audit plans to address the risk of cybersecurity breaches.

"Given the increasingly complex and rapidly changing technology risk landscape we're in, it's imperative for IT audit leaders to understand they are responsible for maintaining a holistic view of IT risks impacting the entire organization," said Angelo Poulikakos, a managing director at Protiviti and global leader of the firm's Technology Audit practice. "This requires tech-enablement from an audit standpoint and regular calibration of risk assessments to suit the current environment, rather than 'rinsing and repeating' the work from previous years."

"The elevated cybersecurity concerns evidenced in this year's survey underscore that cyber threats are no longer concentrated within specific industries. This is an industry agnostic concern, and every organization should be mobilizing to protect itself. While IT audit teams may not be on the front lines managing these risks, it's essential that they take a proactive approach to regularly assess the efficacy of these efforts while confirming the proper controls and protections are in place," added Poulikakos.

The Top 10 IT Audit Risks for 2022
The survey asked respondents to rate the significance of 39 technology risk issues. Of those, the top 10 IT audit risks identified were as follows:

  1. Cyber breach
  2. Manage security incidents
  3. Privacy
  4. Monitor regulatory compliance
  5. Access risk
  6. Data integrity
  7. Disaster recovery
  8. Data governance
  9. Third-party risk
  10. Monitor/audit IT, legal and regulatory compliance

The top risks cited in this year's survey highlight the vital yet sensitive role that data plays in organizations today, with respondents expressing significant concerns regarding the way in which data is gathered, governed and secured. Respondents also demonstrated that IT audit professionals are acutely aware of the evolving compliance requirements facing their organizations, related to data stewardship, industry standards, and national and regional requirements.

"With a global focus on data regulation, it may be easy to view data solely through a lens of compliance," said Paul Phillips, ISACA director of Event Content Development and Risk Professional Practice lead. "However, consumer concern with how their data are used and stored and other operational matters that can quickly become reputational matters must not be discounted. As IT auditors assess risk and evaluate controls associated with data, the tremendous organizational value (and responsibility) of data and the importance of trust should always be top of mind."

The benchmarking report is based on a survey, fielded in the fourth quarter of 2021, of over 7,500 IT audit leaders and professionals, including chief audit executives (CAEs) and IT audit vice presidents and directors, representing a wide range of industries globally. The survey was conducted in collaboration with ISACA, a global professional association of more than 165,000 digital trust professionals.

Survey Resources Available
"IT Audit Perspectives on Today's Top Technology Risks" is available for complimentary download, along with an infographic and podcast about the survey results, here. On July 28, 2022, at 11:00 a.m. PDT, Protiviti will host a free one-hour webinar to further explore the implications of the survey. Featured speakers will be Poulikakos, Phillips and Maeve Raak, a director in Protiviti's Technology Audit practice. Please register here to attend the webinar.

About Protiviti
Protiviti (www.protiviti.com) is a global consulting firm that delivers deep expertise, objective insights, a tailored approach, and unparalleled collaboration to help leaders confidently face the future. Protiviti and its independent and locally owned Member Firms provide clients with consulting and managed solutions in finance, technology, operations, data, digital, legal, governance, risk and internal audit through its network of more than 85 offices in over 25 countries.

Named to the 2022 Fortune 100 Best Companies to Work For® list, Protiviti has served more than 80 percent of Fortune 100 and nearly 80 percent of Fortune  500 companies. The firm also works with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index.

About ISACA
ISACA® (www.isaca.org) is a global community advancing individuals and organizations in their pursuit of digital trust. For more than 50 years, ISACA has equipped individuals and enterprises with the knowledge, credentials, education, training and community to progress their careers, transform their organizations, and build a more trusted and ethical digital world. ISACA is a global professional association and learning organization that leverages the expertise of its more than 165,000 members who work in digital trust fields such as information security, governance, assurance, risk, privacy and quality. It has a presence in 188 countries, including 225 chapters worldwide. Through its foundation One In Tech, ISACA supports IT education and career pathways for under resourced and underrepresented populations.

Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.

Editor's note: photos available upon request.

 

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/cybersecurity-privacy-data-and-regulatory-compliance-rank-as-top-it-audit-risks-301576172.html

SOURCE Protiviti

FAQ

What are the top IT audit risks identified in the Protiviti and ISACA survey?

The top risks include cyber breach, managing security incidents, privacy, regulatory compliance, access risk, data integrity, disaster recovery, data governance, third-party risk, and monitoring compliance.

When was the Protiviti and ISACA survey conducted?

The survey was conducted in the fourth quarter of 2021.

What organization conducted the survey on IT audit risks?

The survey was conducted by Protiviti in collaboration with ISACA.

How many IT audit professionals participated in the survey?

Over 7,500 IT audit leaders and professionals participated in the survey.

What percentage of organizations do not plan to address cybersecurity risks in their audit plans?

20% of organizations do not plan to address cybersecurity risks in their 2022 audit plans.

Robert Half Inc.

NYSE:RHI

RHI Rankings

RHI Latest News

RHI Stock Data

7.56B
103.25M
3.06%
97.3%
5.73%
Staffing & Employment Services
Services-help Supply Services
Link
United States of America
MENLO PARK