Third of businesses failed to address cybersecurity in 2018 audit plans

null

For businesses, privacy and cyber-security is the biggest concern, for the second consecutive year. This is according to a new report by Protiviti and ISACA, based on a poll of 1,300 IT audit and internal audit leaders and professionals.

The report, entitled A Global Look at IT Audit Best Practices, finds it surprising that 37 per cent of businesses did not add cyber-security within their audit plans, despite seeing it as a top priority.

They have failed to do so mostly due to a lack of resources.

IT auditing has seen a solid boost, the report added, saying that half of all organisations now have a dedicated IT audit director, which wasn’t the case five years ago. Back then, only 35 per cent of organisations had such a role.

In North America, for example, 59 per cent of IT audit teams are ‘significantly’ or ‘moderately’ involved in tech projects.

Data management and governance has made it into the top 10 biggest risk for the first time ever.

“The results of the latest global IT Audit Benchmarking Study from ISACA and Protiviti paint a vivid picture of the ways IT audit leaders and professionals are succeeding, as well as where they need to “step up their games,” especially given the omnipresent nature of digital transformation efforts, cyber security risk and technological advancements,” the report states.

“This year’s results identify several areas of progress; however, there is still work to be done in order for IT audit functions to deliver the strategic insights and real-time risk advances key stakeholders expect, and also help their organizations address the transformation of legacy technologies and the rapid rise in the number and severity level of cyber security risks.”

Image source: Shutterstock/deepadesigns