IT Audit Perspectives on Top Technology Risks
Results of ISACA/Protiviti global survey reveal cybersecurity, privacy, data and regulatory compliance are top-of-mind concerns
An uncertain global economy, volatile geopolitical developments, a persistent pandemic and an evolving catalog of technology risks have created mounting challenges for IT audit leaders and their functions.
The results of the latest IT Audit Technology Risks Survey from ISACA and Protiviti, in which more than 7,500 IT audit leaders and professionals from around the world participated, show a dynamic threat landscape, one that has notably increased in severity since our last survey. Specifically, cybersecurity, privacy, data and regulatory compliance are top-of-mind concerns.
Infographic & key findings
- The greatest IT audit concerns lie with cybersecurity-related breaches and related risk issues (ransomware, loss of data, etc.) — Across nearly every industry and organization type, cybersecurity is the top-ranked technology risk. Related cyber issues such as data privacy, managing security incidents, disaster recovery, access risk and third-party risk also rate as top concerns given that they can lead to reputation damage, loss of revenue/customers and regulatory fines/scrutiny.
- Data governance and data integrity are being scrutinized — These risk issues are proving difficult given the frequency and magnitude of internal changes and transformations as well as external disruptions and volatility.
- Regulatory compliance burdens and risk are increasing rapidly — IT audit teams, as well as other departments (e.g., legal, compliance, IT), are scrambling to keep pace with new data privacy and data security rules as well as changing legal and regulatory compliance requirements that have growing implications for organizational data management and technology-related activities.