• Register
Return to: Home > News > Big Four > KPMG: Cybersecurity is the biggest internal audit risk in 2017

KPMG: Cybersecurity is the biggest internal audit risk in 2017

The focus for internal auditors should be on cybersecurity, according to the report; KPMG Internal Audit; Top 10 Considerations for 2017.

KPMG investigated companies in different sectors and analysed the results from more than 400 respondents on internal audit issues for 2017.

The top ten 2017 internal audit concerns according to KPMG’s report are:

1.            Cybersecurity

2.            Culture / soft controls

3.            Integrated assurance

4.            Regulatory Compliance

5.            Third party relationships

6.            Anti-bribery / anti-corruption

7.            Emerging technologies

8.            Data analytics and continuous auditing

9.            Performance risk

10.          Strategic alignment

The increasing expertise of hackers is pointed out in the report, on how they can penetrate the system, including through connections with suppliers and technology partners.

A representative from the Institute of Chartered Accountants in England and Wales’ (ICAEW’s) IT facility told the International Accounting Bulletin: “Cyber security continues to be high on the agendas of all organisations. They are facing more sophisticated and organised attackers, who continue to exploit weakness in organisations, especially people, to gain access to systems and sensitive data. Integrated supply chains and pressure to innovate with new technologies add to the risks.”

The drivers of cybersecurity include minimising the costly consequences of data breaches such as investigations, legal fines, coverage of customer losses, and potential loss of customers and business. Consequences can be minimised through averting reputational damage to the organization, avoiding non-compliance with regulatory requirements, and preventing loss of intellectual property or capital.

There are also two other major concerns for internal audit; corporate culture and so-called soft controls. This refers to problems caused by incorrect employee behaviour and the lack of an effective system that can respond to associated business risks.

An Association of Chartered Certified Accountants (ACCA) spokesperson told the International Accounting Bulletin: “Audit’s value – internal and external – comes from the benefit it brings by helping businesses to be more effective in identifying areas of risk, poor controls and inefficiencies. Internal auditors are increasingly becoming the business’ eyes and ears to report fraud, bribery and money laundering activities, many of which now happen in the cyber world. Internal audit also needs to be aware of the balance between security and utility.”

The representative from ICAEW’s IT facility added: “International organisations specifically have to comply with multiple regulations around cyber security and privacy. Ticking a box to say the board has discussed cyber risk is not enough. For accountancy firms, cyber risks continue to be both a threat and an opportunity. They have to manage their own risks carefully to maintain client trust, as well as advise clients showing leadership in this area.”

"The consequences of security holes can be disastrous, because the core function and reputation of a company may be affected." said a KPMG representative.

The ACCA spokesperson continued: “KPMG’s report is a must-read for the profession, and not just for internal auditors. It highlights the issues we all face in the digital 24/7 world, where cybersecurity is a cause of concern for all in a business and not just the internal audit function.”

KPMG’s full report - KPMG Internal Audit; Top 10 Considerations for 2017 - can be found here:

Top Content

    Time pressure: Facing up to mental health

    In an ‘always on’ culture, it is becoming increasingly difficult to manage a healthy work-life balance. While companies are beginning to address this problem by introducing different support systems, Joe Pickard finds more could be done to ensure the wellbeing of the professions workforce.

    read more

    Venezuela: the race for the dollar

    With a new currency following hyperinflation, large sections of the population emigrating to neighbouring countries, an economy on the brink of collapse and no apparent solution coming from the government, Jonathan Minter finds a profession struggling to stay afloat in Venezuela.

    read more

    Brazil: transparency and control

    Brazilian accountants have an optimistic view of the impact of more-regular reporting and the implications of audit controversies for the profession. Paul Golden reports.

    read more

    Argentina: looking for a clearer view

    The Argentine accounting profession continues to grapple with the impacts of a weak economy and a culture of financial corruption. Paul Golden takes a closer look.

    read more

    Blockchain: adapting to disruptive tech

    In the relatively few years since digital currencies first began using blockchain technology, the array of potential applications has grown significantly – and continues to expand. Dan Balla, Matthew Schell and Dave Uhryniak from Crowe look at how it impacts accountancy.

    read more
Privacy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.