KPMG Asks If You'll Be Ready When IT Auditors Knock
How often do you review your IT systems in preparation for internal audits - quarterly? Twice a year? Once a year? If you're not doing it at least quarterly, you might find yourself and your team at risk when the internal auditors do come calling, particularly in these times of increasing regulatory requirements, a new KPMG report says.
How often do you review your IT systems in preparation for internal audits - quarterly? Twice a year? Once a year? If you're not doing it at least quarterly, you might find yourself and your team at risk when the internal auditors do come calling, particularly in these times of increasing regulatory requirements, a new KPMG report says.While the KPMG report was based on a survey of CIOs in Europe, the Middle East, and Africa, the increasingly heavy regulatory environment here in the U.S. makes the findings relevant to U.S.-based CIOs as well.
A news story on the British website Computing says that since a primary factor behind the current global economic downturn was a liquidity crisis among many banks around the world, it is likely that governments will be stepping in to increase the level and scope of regulation above even its current levels. And IT systems will be a primary focus of the new policies and requirements:
"Because there's a perception of the lack of corporate governance, there'll be more regulation by government and agencies across different industry sectors, " warns Warren Middleton, global head of IT internal audit at KPMG. However, most organisations only audit their internal IT systems annually, and with an increase in regulation likely, many may be caught out, predicts Middleton.
"In an environment where technology is a vital part of a business' make-up, and the opportunity for deliberate sabotage is high, the need for a more regular review of audit plans has never been greater," he says.
The KPMG study of almost 300 finance-industry IT organizations across the EMEA regions revealed that 78% go through a a single round of audit planning per year. If the KPMG recommendations are on target, then that policy is sure to result in a new and very unexpected type of stress tests for those once-is-enough financial companies.
And for some additional statistics, plus a slightly different perspective on the whole situation, AccountacyAge also wrote about the study with more of a focus on the security risks mentioned in the study.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.