Protiviti and ISACA partnered again this year to take a global look at IT Audit Best Practices. The study gathered insights from over one thousand IT audit leaders and professionals about their IT audit function and the IT challenges that their organizations are facing.
[dvbox title=”Here are the key take-aways from the survey:” style=”light”]
- Cybersecurity is viewed as the top technology challenge.
- There appears to be more executive-level interest in IT audit.
- More CAEs are beginning to carry leadership for IT audit directly.
- Most IT audit shops have a significant or moderate level of involvement in key technology projects.
- Most perform IT audit risk assessments, though a majority do so annually or less frequently.
[/dvbox]
There is a lot of great information in the survey, but the most surprising to me was that IT Audit is still not as regularly engaged throughout major technology projects. Engaging IT Audit early in these initiatives can have a clear business benefit (i.e. identifying potential problems with the tools early before their implemented, consideration for security role design, and an ability for project teams to identify process gaps before a post-implementation review). I think there is a great story waiting to be told about how IT and IT Audit can partner to improve efficiency, effectiveness, and risk mitigation throughout the project lifecycle.
Learn more at Protiviti.com/itauditsurvey and let me know whether you feel these results match your experience.
Comments are closed.