“The evolving responsibilities of internal audit in addressing cybersecurity issues mean that audit professionals must develop a clear understanding of the principles of data security and the cyber frameworks that apply within their own organizations,” said IIA President and CEO Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA. “As internal audit departments continue to adapt to cybersecurity risk management, the responses recorded as part of the Foundation’s research project can provide a valuable snapshot of the current state of the profession — as well as a potential road map for the future.”
Evolving relationships
The report reveals several opportunities for improving the level of collaboration and support among internal audit and various key players, particularly information technology (IT), information security (InfoSec) and the broad risk management function. While internal audit is more likely to at least have formalized audits and communication with IT and InfoSec departments, research found that relationships characterized by the sharing of resources and high levels of trust…
