|
|
24 Apr 2009
A survey published by KPMG looking at internal IT audits has highlighted various security risks in companies around the world.
The survey highlighted that the majority of respondents said they do present their findings to the audit committee, but only 37% of external auditors receive a copy of the findings, showing a 'disconnect' between internal and external reporting.
For 62%, security is the biggest skill set in demand, with 40% of respondents admitting that they will use outsourcing to a acquire the necessary skills set with this trend expected to continue over the next 18 months.
Warren Middleton, global head of IT internal audit at KPMG said: 'The need for up-to-date and regular reviews should be a fundamental part of the audit process – especially in the current climate where IT continues to be open to potential attack.'
'For businesses, life without technology is unthinkable and the need to get this right should make this a priority issue for all Boards' he adds.
The survey highlighted that over half of respondents are not aligning their IT internal audit with the company's wider governance remit and that almost 4 in 5 will only look at their IT on an annual basis.
The survey looked at 297 finance professionals from Europe, the Middle East and Africa and was carried out in association with - the Institute of Internal Auditors, and the Information Systems Audit and Control Association.
Further reading:
You may also like
Search thousands of financial jobs:
Search thousands of financial jobs:
Careers
Search for jobs
Click to search our database of all the latest accountancy roles
Create a profile
Click to set up your profile and let the best recruiters find you
Jobs by email
Sign up to receive regular updates with the latest roles suitable for you
Briefings
By looking at the reasons supplier statements became unfashionable, and the reasons why it is different today, this paper delves into the many benefits that can be obtained by automating the process.
Having a real and true view of your organisation’s current financial position, and having the right systems and processes in place, will ensure that you can make strong choices and are ready to capitalise on opportunities
AccountancyAgeInsight is a frequently updated resource centre for finance professionals, offering a free and easy-to-use digital library of briefings, white papers and other information resources. 
Visitor comments Add your comment
Organisations cannot maintain their reliance on the ?after the fact?, manual audit process
Unfortunately, for many organisations, compliance has become little more than a box ticking exercise that attempts to deliver a compliant organisation at one point in time. Yet change to the IT infrastructure is both rapid and constant ? and an essential component of business development and growth.
As a result each audit process is fraught with problems. Compliance officers know without any doubt that a manual spot check by auditors could well reveal some breach of compliance or audit finding that requires expensive, investigation. The result is increasing audit costs and a growing risk of major compliance failure ? with attendant fines and negative publicity.
With the compliance burden increasing year on year, organisations cannot maintain their reliance on the ?after the fact?, manual audit process; it is neither effective nor efficient. Automation has to be introduced into the process to drive down both cost and risk.
It is only by creating a continuous compliance process that leverages real-time monitoring to highlight changes that could take the infrastructure into a non-compliant state that any organisation will be able to effectively achieve multi-standard compliance in the long term.
Yours sincerely
Andrew Heather
General Manager, EMEA
Tripwire
www.tripwire.com
Posted by: Andrew Heather, 24 Apr 2009 | 00:00