Cybersecurity and data management top concerns for IT auditors


Monday, 21 October, 2019

Cybersecurity and data management top concerns for IT auditors

In an unsurprising result, IT security, privacy and cybersecurity remain the top challenges for chief audit executives, internal audit professionals and IT audit vice presidents and directors worldwide, with data management and governance and emerging technology and infrastructure changes close behind, according to the International Systems Audit and Control Association (ISACA) and Proviti’s latest study.

“As much as organisations are focusing on cybersecurity and protecting their data, they’re still behind given the changing landscape, growing sophistication of cybercriminals, evolving regulatory requirements such as GDPR and persistent gaps and process breakdowns that emerge as part of their ongoing transformation projects,” Proviti Managing Director Andrew Struthers-Kennedy said.

“The bottom line is IT audit cannot let its guard down.”

In particular, data management and governance has garnered increased attention over the past year, with respondents recognising it as the second most critical challenge for their organisations, a significant jump from its number 10 spot in last year’s Global IT Audit Benchmarking Study.

“There is considerable room for improvement in terms of the structure, quality and accuracy of the data available in most organisations. When an organisation reaches higher levels of maturity related to data management and governance, it’s much more adept at not only avoiding downside risks but also taking advantage of the opportunities for using data as an enterprise-enabled and competitive differentiator,” Struthers-Kennedy said.

To help bolster organisations’ IT governance, risk management, information security and strategies, IT auditors are becoming more involved in key IT department committees, ISACA Technical Research Manager Robert Lyons said.

“As these two groups work together, risk management becomes a shared, real-time effort that reduces guesswork by IT audit as to which project challenges and risks truly exist.”

Predictably, staffing and skills challenges also came in the top five concerns, with 32% of respondents with revenues ranging from US $100 million to $1 billion saying they are unable to address specific areas of their annual IT audit plan due to a lack of resources and skills.

The top five skills currently in demand are: ‘expertise in advanced and enabling technologies’, ‘critical thinking’, ‘data science’, ‘agile methodology’ and ‘communications expertise’, according to the study.

Image credit: ©stock.adobe.com/au/Jakub Jirsák

Related News

Australian businesses adopting AI at a rapid pace

New research published by AWS indicates that an Australian business is adopting AI an average of...

ISACA launches AI‍-‍centric certification for security professionals

The Advanced in AI Security Management (AAISM) certification focuses on the implement AI...

ACS backs digital productivity vision but urges action on AI regulation

Rather than promoting a wholesale rethink of AI regulation, ACS is calling for parallel progress,...


  • All content Copyright © 2025 Westwick-Farrow Pty Ltd