Have you ever asked yourself what the impact of the internal audit is when it comes to cyber security?
Depending on your current role you might have different answers, and, in this episode, we will talk about the role internal audit has on cyber security.
The cyber territory was and often still is a topic allocated to IT only. In my world of Corporate Integrity, Governance, Risk, and often also Non-Compliance and Fraud – it is not enough to see IT in its function being responsible for the territory of cyber.
Why should it? Or to whom would we then allocate the non-digital territory? Cyberspace or cyber security – no matter how you would like to call the environment impacting our all businesses is much broader and affects every single part of our vision, strategy, operations, and resources.
When it comes to internal audit – one of the three lines of defense – the territory of cyber plays an important role too. Organizations have different reasons why they rely and mitigate solutions that are cloud-based.
That means, that processes are at least partially reflected in the territory of cyber too.
And here internal audit comes in and is uniquely positioned.
Already when solutions are evaluated and processes adapted – the role of internal audit is key to establish an independent and objective view.
Investing in a highly skilled Internal Audit is key for every organization.
The evaluation process of Internal Audit is also not optional as cyber security is.
As board members, we must implement processes to ensure that our organization is challenged by the independent questions of professional internal auditors.
Cyber security is a strategic element that needs to be treated with the highest attention.
I will now bring up the take-to-the office reflection again as I think these three questions could – if necessary – support also your organization:
If you would have to judge how much your company depends on the cyber territory where would you rank from 0 – 100%?
And if you have that ranking, how good would you rate the skillset of your internal audit to audit these dependencies. Use a rating from 1-4 where 4 is perfect and 1 is poor.
What could you do within your position to balance the dependency and the skillset – if balance is needs?
So, for all the board members – next time when you talk to your Internal Audit team keep in mind how important they are and express your expectations.
And for you as an Internal Audit leader – make sure that your expertise and work supports the organizations' strategy.
THANK YOU FOR SHARING, SUBSCRIBING AND REVIEWING
Thank you for joining me on this episode of THE HUMAN FACTOR – Corporate Integrity Matters.
If you enjoyed this episode, please share, subscribe and review on Apple Podcasts or Google Play Music so more people can enjoy the upcoming episodes.