IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Cyber security holds top spot in IT audit risk list

Privacy, data, and regulatory compliance are among other concerns facing IT audit departments


A survey commissioned by Protiviti and ISACA revealed cyber security holds the top spot on the IT audit risk list, while privacy and data, as well as regulatory compliance, also rank highly.

“War-related cyber attacks are on the rise, the surge of sophisticated ransomware attacks is ongoing and remote work continues to subject many organizations to new cyber security risks,” stated Proviti.

Even so, the survey showed that one-fifth of organizations don't anticipate cyber security risks to be addressed in their 2022 audit plans.

"Given the increasingly complex and rapidly changing technology risk landscape we're in, it's imperative for IT audit leaders to understand they are responsible for maintaining a holistic view of IT risks impacting the entire organization," commented Angelo Poulikakos, managing director and global leader of Protiviti's technology audit practice. 

"This requires tech-enablement from an audit standpoint and regular calibration of risk assessments to suit the current environment, rather than 'rinsing and repeating' the work from previous years."

The top risks highlighted in the survey emphasize the vital but sensitive role that data plays in organizations today, with respondents voicing concerns about how data is gathered, controlled, and secured.

Related Resource

Nine steps to IT audit readiness

How technology can help win back your time and reduce IT risk

Whitepaper cover with image of female employee wearing glasses reflected in a screen of data graphsFree Download

"With a global focus on data regulation, it may be easy to view data solely through a lens of compliance," said Paul Phillips, ISACA director of event content development and risk professional practice lead. 

"However, consumer concern with how their data are used and stored and other operational matters that can quickly become reputational matters must not be discounted. As IT auditors assess risk and evaluate controls associated with data, the tremendous organizational value (and responsibility) of data and the importance of trust should always be top of mind," added Phillips.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Most Popular

Empowering employees to truly work anywhere

Empowering employees to truly work anywhere

22 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
The top 12 password-cracking techniques used by hackers

The top 12 password-cracking techniques used by hackers

14 Nov 2022