Increasing number of regional companies assigning IT Auditors to cybersecurity risk assessment function
Dubai, UAE; March 04, 2020: Protiviti in partnership with ISACA, a global association helping individuals and enterprises in the IT audit/assurance, governance, risk and information security space, conducted the 8th Annual IT Audit Benchmarking survey that had participation from 2,252 CAEs, IT audit executives and professionals worldwide, including more than 220 professionals from the Middle East region.
Cybersecurity, privacy, data management and governance emerged as the top challenges facing the IT audit leaders and professionals, as they seek to understand, support and advance business growth and innovation in their organizations.
Sanjay Rajagopalan, Managing Director – Protiviti Member Firm, responsible for Internal Audit & Financial Advisory Services for the MENA region, said “Cybersecurity remains the number one challenge to tackle with 80% of survey participants from the Middle East indicating that they are including cybersecurity and privacy audits in their audit plan this year. This is very much in line with the global trend, as IT Audit cannot let its guard down by merely conducting high-level ‘check-the-box’ audits. Detailed security assessments are also required along with meaningful recommendations for these audits to remain relevant to the ever changing environment”.
As per the survey, 62% Middle East respondents foresee a significant role for IT Audits in major technology projects and 70% of the respondents from the region said that their organizations assess technology risk for audit planning purposes as part of the overall internal audit risk assessment process.
Further, 44% of the respondents from the region have mentioned that they have a designated IT Audit Director and 48% of them attend audit committee meetings. This is indicative of the growing recognition for IT audit in the region and the crucial role it can play in ensuring cybersecurity and privacy.
Specifically, from an IT audit perspective, Protiviti sees a strong partnership emerging between the audit and IT function in the area of risk management that will help identify project based challenges in advance.
“While we see cybersecurity and privacy as the standout top technology challenge that organizations face today. Data management and governance have also emerged as a critical challenge, one that has become more significant as compared to previous years of our study”, stated Ahmed Bassiouni, Managing Director - Internal Audit, Protiviti Member Firm.
He further added, “Digital transformation will continue to impact a broad range of areas for IT auditors and amidst these, we anticipate IT audit functions grapple with resource, staffing and skills required, especially as these need to evolve to the changes”.
The study highlights that IT audit functions in the Middle East are looking to hire professionals with expertise in advanced and enabling technologies. The top five skills most in demand are:
• Data science (35%)
• Expertise in advanced and enabling technologies (33%)
• Critical thinking (30%)
• Communications expertise (24%)
• Agile methodology (20%)
As businesses continue their digital transformation journeys, the importance of focusing on data and technology by internal audit gains further importance. The way internal auditors engage and partner with their stakeholders and the skills, tools and technologies they need to develop to support their organizations through the transformation are going to be critical areas of focus, according to the report.