About the Survey ISACA and Protiviti partnered to conduct the fourth annual IT Audit Benchmarking Survey in the third quarter of 2014. More than 1,300 executives and professionals from around the world completed our online questionnaire. There’s no disputing technology’s role in business as an enabler of virtually every process and function. With this enablement and the advantages IT brings also come global risks – security, cyberattacks, privacy issues, data breaches, governance, asset management and much more. The critical question we ask is: Are IT audit practices keeping pace in order to assess, monitor and mitigate critical risks coupled to a technology-enabled business? A Global Look at IT Audit Best Practices Assessing the International Leaders in an ISACA/Protiviti Survey For more information, visit isaca.org/2014ITauditstudy and protiviti.com/ITauditsurvey. © 2014 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Vet. Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services. Good News: IT Audit Directors on the Rise Percentage of organizations with a designated IT audit director (or equivalent position) 2014 44% 2013 39% 2012 33% Global Leader: Middle East (50%) Large Organizations: 59% Percentage of organizations in which the IT audit director regularly attends audit committee meetings 2014 54% 2013 42% 2012 27% Global Leader: Africa (82%) Large Organizations: 48 % Quarterly or more frequently Semi-annually or less frequently Room for Improvement: IT Audit Risk Assessments Percentage of organizations that conduct an IT audit risk assessment Africa 87% Middle East 89% Asia 83% North America 89% Europe 90% Oceania 88% Latin America 84% Africa 30% 70% Asia 30% 70% Europe 27% 73% Latin America 20% 80% Middle East 21% 79% North America 18% 82% Oceania 22% 78% Note: Ideally, organizations should seek to update their IT audit risk assessments on a quarterly basis or more frequently, which leading organizations are doing. 1. IT security and privacy/cybersecurity 2. Resource/staffing/skills challenges 3. Emerging technology and infrastructure changes: transformation, innovation, disruption 4. Regulatory compliance 5. Budgets and controlling costs 6. IT governance and risk management 7. Big data and analytics 8. Vendor, third-party and outsourcing risks 9. Cloud computing/virtualization 10. Bridging IT and the business TODAY’S TOP TECHNOLOGY CHALLENGES Frequency with which the IT audit risk assessment is updated*

A Global Look at IT Audit Best Practices - ISACAm.isaca.org/.../Documents/Infographic-4th-Annual-IT...mis_Eng_1114.pdf · With this enablement and the advantages IT brings also come

Download PDF Report

Upload
nguyendung
View
215
Download
2

Embed Size (px)

Citation preview

Page 1: A Global Look at IT Audit Best Practices - ISACAm.isaca.org/.../Documents/Infographic-4th-Annual-IT...mis_Eng_1114.pdf · With this enablement and the advantages IT brings also come

About the Survey

ISACA and Protiviti partnered to conduct the fourth annual IT Audit Benchmarking Survey in the third quarter of 2014. More than 1,300 executives and professionals from around the world completed our online questionnaire.

There’s no disputing technology’s role in business as an enabler of virtually every process and function. With this enablement and the advantages IT brings also come global risks – security, cyberattacks, privacy issues, data breaches, governance, asset management and much more. The critical question we ask is: Are IT audit practices keeping pace in order to assess, monitor and mitigate critical risks coupled to a technology-enabled business?

A Global Look at IT Audit Best PracticesAssessing the International Leaders in an ISACA/Protiviti Survey

For more information, visit isaca.org/2014ITauditstudy and protiviti.com/ITauditsurvey.

© 2014 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Vet. Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.

Good News: IT Audit Directors on the RisePercentage of organizations with a designated IT audit director (or equivalent position)

2014 44% 2013 39% 2012 33%

Global Leader: Middle East (50%)Large Organizations: 59%

Percentage of organizations in which the IT audit director regularly attendsaudit committee meetings

2014 54% 2013 42% 2012 27%

Global Leader: Africa (82%)Large Organizations: 48 %

Quarterly ormore frequently

Semi-annually orless frequently

Room for Improvement:IT Audit Risk AssessmentsPercentage of organizations that conduct anIT audit risk assessment

Africa 87% Middle East 89%Asia 83% North America 89%Europe 90% Oceania 88%Latin America 84%

Africa 30% 70%Asia 30% 70%Europe 27% 73%Latin America 20% 80%Middle East 21% 79%North America 18% 82%Oceania 22% 78%

Note: Ideally, organizations should seek to update their IT audit riskassessments on a quarterly basis or more frequently, which leadingorganizations are doing.

1. IT security and privacy/cybersecurity2. Resource/staffing/skills challenges3. Emerging technology and infrastructure changes: transformation, innovation, disruption

4. Regulatory compliance5. Budgets and controlling costs6. IT governance and risk management7. Big data and analytics

8. Vendor, third-party and outsourcing risks9. Cloud computing/virtualization10. Bridging IT and the business

TODAY’S TOP TECHNOLOGY CHALLENGES

Frequency with which the IT audit riskassessment is updated*