A look at how IT Internal Audit is responding to the increased pressure to measure the management and mitigation of technology risks.
Technology risk is pervasive and continually changing. It is a critical time for IT professionals and internal auditors of IT, who must build plans to provide assessments of, and insights into, the most important technology risks and how to mitigate them. IT Internal Audit (ITIA) must keep abreast, and wherever possible anticipate, fast-moving developments in technology. In particular, ITIA must plan, deliver and, when necessary, flex its audit plan in such a way that it responds to these changes in the most appropriate, efficient and effective manner. And it must do so within the budgetary constraints imposed by the organization, facing competition (both internal and external) for resources.
To find out how ITIA is responding to these challenges, KPMG surveyed ITIA representatives of 250 organizations, both large and small, that are operating in a wide range of industries around the world. At a time when demands placed on ITIA are steadily growing, this report is intended to stimulate your thinking and provide fresh perspectives.
Based on our analysis of the survey results, the main findings include:
© 2019 KPMG, a group of Bermuda limited liability companies which are member firms of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
KPMG International Cooperative (“KPMG International”) is a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm.
The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.