Over 10 years we helping companies reach their financial and branding goals. Onum is a values-driven SEO agency dedicated.

CONTACTS
IT audit

Collaboration is the new competition

We become stronger when we collaborate! On Friday, May 26, 2023, I was invited and had the privilege to participate in the ISACA Chapters & the Institute of Internal Auditors (IIA) joint webinar as a panelist together with other professionals to mark the 2023 International Internal Audit Awareness Month.

The theme of the event was: Auditing and Emerging Technology – Facing New Age Challenges.

Panelists included; Veronica Rose, CISA, CDPSEKenneth Palliam CISA, CGEIT, CRISC, CDPSE, ISAP (SA)Ramona Ratiu- MS, CISA, CISM, GSTRT, ITIL, COBIT, ITRiskIme Udoko (PMP,ITIL,CGEIT,COBIT 5,ISO 22301 LI)Ambrose Enuma, and Innocent Panni.

Special thanks to the organizing committee and moderators including; Emmanuel Omoke, CISA, CISM, CRISC President Abuja chapter, Rita Kobusinge- CISA,CDPSEWole Davis CFE, CISA, and Pascaline UMUHIRE

This was an event of a kind and it affirmed that collaboration is a new competition. The event was attended by 420+ professionals across the globe and All attendees earned 4 CPE Hours

Below are the key takeaways:

  • Get certified i.e. CISA, CIA, etc.
  • Join professional bodies i.e. ISACA, IIA, etc.
  • Know which data points to provide insights and oversight on.
  • Assess risk exposures from third parties continuously.
  • Auditors are the eyes and ears of management
  • The audit function is not the end but a means to achieve business objectives
  • Every company is a reachable target for cyber attacks, it’s just a matter of time.
  • Watch the movie called Terminator – for cyber enthusiasts
  • A cyber resilience culture is essential in every organization.
  • We need to reboot our cyber tactics
  • Slow down and cover the basics
  • Not everything needs to turn into an audit.
  • Communicate with stakeholders and give them high-level expectations.
  • Have joint problem-solving initiatives
  • Actively involve and collaborate on cyber risk assessment
  • Foster trust, transparency, and feedback
  • Invite stakeholders to the tabletop exercises
  • Encrypt audit reports that contain sensitive information
  • Train your teams continuously
  • Allocate liaisons between cyber and auditors
  • Observe interactions between departments
  • Incorporate fresh practice into best practices.
  • Introducing new technologies comes with new risks, particularly around cybersecurity and data privacy and it is critical for organizations to balance innovation with privacy and security to mitigate the risks.
  • Ensure the protection of sensitive information, the first step is to carry out a risk assessment on the audit client prior to the start of the engagement, this helps you keep your reputation.
  • Auditors should seek guidance from your digital trust officers or data privacy officers to guide the process of protecting sensitive information.
  • Auditors in general need an understanding of what they are auditing.
  • Training should be prioritized and awareness for all stakeholders on an audit engagement.
  • Auditors must also be aware of the applicable laws (GDPR, information misuse acts, HIPPA, DPA) in the respective regions, and regulatory requirements related to sensitive information.
  • Also during contracting, auditors need to honor contractual obligations e.g. sign off Non-disclosure agreements/confidentiality agreements and have clauses like the return of information after the closure of an engagement or termination of the contract.
  • Have Access control policies in place where information is shared on a need-to-know basis and access recertification reviews be done regularly.
  • Be conscious of whom you share information about a particular audit project. Educate clients and also advise them to educate their service providers about audits in general.
  • Confidentiality is a chain of responsibilities.

Sample feedback from attendees

Author

Veronica

Published Author | Director, One In Tech, Foundation | Director, ISACA Board of Directors | IT Audit Professional | Speaker | Member of National Association for Corporate Directors | Vlogger | CISO | Global Mentor | Data Privacy Solutions Engineer | Award Winner in the Cybersecurity industry

Leave a comment

Your email address will not be published. Required fields are marked *