Share with your friends

Top 10 Internal Audit Focus Areas for Technology Companies in 2018

Top 10 Internal Audit Focus for Tech Companies 2018


Related content

Strategies for the third line of defense

Internal audit strategies are critical as technologies evolve and business environments change. This annual publication outlines the critical role internal audit has in helping technology companies manage some of today’s most important risk areas.

The 10 focus areas for technology companies in 2018 are:

  1. Cybersecurity
  2. Regulatory compliance
  3. Open source software compliance and vulnerability management
  4. Non-GAAP financial and operating measures
  5. Culture risk
  6. Governance for intelligent automation
  7. New accounting standards
  8. Use of data and analytics in internal audit
  9. Transitioning to and operating in the cloud
  10. Data protection and privacy

KPMG selected these focus areas based on discussions with chief audit executives at technology companies, feedback from our technology internal audit share forum, input from KPMG professionals who work with technology companies, and relevant KPMG survey data.

A number of megatrends continued to manifest themselves in 2017 and early 2018. Cyber breaches seem to be growing in scope and frequency. The importance of integrity and a strong corporate culture is more important now than ever, especially for technology companies. Artificial intelligence (AI) and data and analytics (D&A), in their many forms, are accelerating their impact on our workplaces and personal lives. New regulations surrounding accounting standards and data protection are here instead of "coming down the road."

For internal audit (IA) professionals at technology companies, these issues and a host of others have created a new risk matrix, placing greater priority than ever before on the efficient oversight of corporate governance, internal controls, and regulatory compliance.

As always, our annual top 10 focus areas represents our assessment of the key challenges facing technology companies right now. Of course, every technology company is unique. It is critical that IA as a function takes a company-specific view of the risks involved in the development and prioritization of its own focus areas.

In the end, it is not important if our #6 is your #2 and our #1 is your #4. What is significant is that, collectively, this list inspires you to think critically and develop strategies for combating the internal and external threats that can keep your organization from innovating and growing.

For more information, download the full report below.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.

Connect with us


Want to do business with KPMG?


loading image Request for proposal