Wednesday, January 20, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

Key Lessons Emerge from ISACA’s IT Audit Forum in New Orleans

by Corporate Compliance Insights
May 3, 2016
in GRC Vendor News
Key Lessons Emerge from ISACA’s IT Audit Forum in New Orleans

Forum offered guidance on navigating evolving IT audit landscape

New Orleans, LA (May 3, 2016)—Leading authorities on IT audit offered solutions to several of the industry’s most critical challenges at Monday’s IT Audit Director Forum. The forum was part of global IT association ISACA’s North America CACS Conference, which concludes Wednesday in New Orleans.

The wide-ranging, discussion-intensive forum explored many of the toughest and most timely challenges encountered by IT auditors. Three key lessons emerged from the forum:

1. Optimize opportunities associated with big data. Efficiently harnessing the potential of big data can be problematic. The diversity of data, determining the data’s lineage and a lack of strategy from business leaders for how to optimize the data are among the potentially complicating factors.

However, the wealth of data available to IT auditors can help them deliver tremendous value.

Michael Juergens, CISA, CGEIT, CRISC, Principal at Deloitte & Touche LLP, said IT auditors should not “take their foot off the gas” when it comes to making use of the data available to them.

“One recurring theme we see is where an internal audit function does something with analytics or data and then ‘checks the box,’ saying they are using analytics or big data,” Juergens said. “This topic is extremely broad, so it is important to consider multiple aspects of big data and analytics, from data life cycle management and defensible destruction to data loss prevention, storage requirements, data governance and tool selection.”

2. Continuous risk assessments are essential. David J. Brand, Managing Director with Protiviti, said the evolving IT landscape requires more vigilance than in the past.

“An annual risk assessment is no longer acceptable,” Brand said. “If you have one report for the audit committee that is used for the rest of the year, that probably isn’t getting it done. Maybe you have an annual report for the audit committee, but you have to have the ability to react more quickly and make real-time adjustments rather than refresh on an annual basis.”

Brand said that organizations need to be especially mindful of internal vulnerabilities, which he said tend to be underestimated and underfunded in IT budgets.

3. Audit professionals play a critical role in assessing cyber risks—and need to make that clear. Tony Noble, CISA, VP of IT Audit at Viacom Inc., said a perception exists that a lack of expertise among IT auditors limits their ability to detect cyber risk. He said the problem usually is a lack of dialogue rather than a shortage of knowledge.

“If internal audit’s opinion on how the organization is addressing cyber risks is not valued, it will be difficult for them to convince management that they are adding positive value to the organization,” Noble said.

Noble said auditors should make use of established frameworks such as COBIT 5 and educational opportunities involving emerging technologies to ensure their skills keep pace.

Other speakers and topics at the forum included:

  • Robert Kress, Protiviti (global look at IT audit best practices)
  • Phil Lageschulte, KPMG (strategies for providing assurance over transition to cloud)
  • Michael Smith and Khalid Wasti, PricewaterhouseCoopers (hiring and retaining the best talent)

A white paper featuring additional insights from the IT Audit Forum will be available soon. For additional audit and assurance resources, visit ISACA’s Knowledge Center. To live stream the closing keynote at North America CACS on Wednesday, visit www.isaca.org/NA-CACS2016.

About ISACA

ISACA (www.isaca.org) helps global professionals lead, adapt and assure trust in an evolving digital world by offering innovative and world-class knowledge, standards, networking, credentialing and career development. Established in 1969, ISACA is a global nonprofit association of 140,000 professionals in 180 countries. ISACA also offers the Cybersecurity Nexus (CSX), a holistic cybersecurity resource, and COBIT, a business framework to govern enterprise technology.

Twitter: https://twitter.com/ISACANews

LinkedIn: ISACA (Official), http://linkd.in/ISACAOfficial

Facebook: www.facebook.com/ISACAHQ


Tags: bribery
Previous Post

Corruption Persists in MENA Countries

Next Post

Identifying and Preparing Future Leaders

Corporate Compliance Insights

Related Posts

yellow job search box speech bubble

Fortune 500 Job Descriptions Are Still Biased Toward Men

January 12, 2021
cash

Banks Worldwide Amass $15B in Fines in 2020, U.S. Banks Account for 73%

January 11, 2021
cyber attack malware encrypted files and lock on cloud

Telos Announces Latest Version of its Next-Generation Cyber Risk Management Platform

January 7, 2021
Hologram of whatsapp logo over smartphone

Shield and TeleMessage to Deliver Direct Capture of Mobile and WhatsApp Communications

January 5, 2021
Next Post
Identifying and Preparing Future Leaders

Identifying and Preparing Future Leaders

Access realtime data

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management culture of ethics cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights