Tag: IT Audit

Tech Risks Crowd Audit Plan ‘Hot Spots’ for 2019

As internal audit teams work on their audit plan for 2019, a new report sheds light on where some of the trouble spots are likely to occur for companies, and where internal audit may want to consider focusing its scrutiny and assurance efforts. Last week, technology research firm Gartner issued Read More

cybersecurity phone image

Study Identifies Top Ten Cybersecurity Threats

Despite record spending on cybersecurity, a new study finds that IT security breaches remain at epidemic levels. According to a new report conducted by Osterman Research, a whopping 70 percent of the more than 200 medium and large organizations surveyed reported being the victim of at least one successful cyber-attack Read More

Equifax

U.S. GAO: Internal Control Failures Contributed to Equifax Data Breach

A new report from the U.S. General Accounting Office examines the causes of the massive 2017 data breach by Equifax that compromised the personal data of more than 148 million Americans. The report contributes the debacle to the company’s failure to use common cybersecurity best practices, poor internal controls, and Read More

insider threat

IIA Issues Guide on Auditing Insider Threat Programs

The Institute of Internal Auditors issued a new guide on insider threat programs that is designed help internal auditors understand insider threats and related risks by providing an overview of common traits of main players, key risks, and potential impacts. The guide also covers security frameworks, techniques, considerations, and resources Read More

It Might Be Time for an Audit of Open Source Software Usage

There’s no debate about the value of using open source software (OSS) when building new business applications—cost, flexibility, quality and ease of use, to name a few—but its use comes with legal obligations and security vulnerabilities that can pose significant risks to organizations. To effectively pre-empt such risks, proactive OSS Read More

Deadline Looms for New York Financial Audit-Trail Law

The deadline is looming for banks and financial institutions that do business in New York to comply with new regulation that requires them to keep an audit trail of financial transactions for at least five years. Provisions of the Cybersecurity Regulation, which was passed in March 2017, will go into Read More

Equifax

Equifax Consent Order Includes Internal Audit, IT Audit Mandates

In a consent order signed with eight states, credit reporting agency Equifax agreed to adopt several measures to shore up weaknesses across a wide spectrum of its IT and data security operations. The order includes a provision to beef up its internal audit program. It requires better assessments of internal Read More

Hurricane is one type of crisis

Study: Most Crisis Response Plans Go Untested

A new study from Deloitte indicates that it might be time to audit the crisis management plan. The study based on responses of 523 senior executives involved in risk, crisis management, and business continuity finds just 17 percent say their organizations have tested their crisis response plans. That’s way to Read More

cybersecurity image

Boards to Seek More Reporting on Cybersecurity Effectiveness

A new survey finds that corporate boards are expected to ask IT, IT audit, and other functions responsible for securing the company’s data and systems for more information on the effectiveness of cybersecurity programs. The survey, by Deloitte, found that 62.7 percent of C-suite and other executives expect board directors’ Read More

digital transformation

New Report Documents Internal Audit Efforts to Up Tech Game

A new report from consulting firm Protiviti takes a close look at several companies’ audit departments as they attempt to adopt new technologies or help the business through digital transformation. The publication highlights the achievements of such companies as Accenture, Conservas La Costeña, Heineken, JP Morgan Chase, Juniper Network, Panera Read More