IT Auditors Identify Technology Challenges Companies Face

A new survey reveals the top technology risks that IT auditors believe should be on every executive's agenda.

A new survey reveals the top technology risks that IT auditors believe should be on every executive’s agenda.

As the scale of emerging technology risks facing companies continue to multiply, IT auditors play a key role in identifying these threats and helping their organizations to navigate them. A new survey conducted by Protiviti and The Institute of Internal Auditors (IIA) reveals which risks are keeping IT auditors up at night.

The 11th annual Global Technology Audit Risks Survey polled a group of over 550 Chief Audit Executives (CAEs) and IT audit professionals on the technology risks their companies face over near-term (12 month) and medium-term (two to three year) time horizons. The survey revealed a number of key risks that the internal audit function is most concerned about, including:

Cybersecurity is the top priority by a wide margin

Nearly 75% of respondents, and an even higher percentage (82%) of CAEs and technology audit leaders, consider cybersecurity to be a high-risk area over the next 12 months. To address this risk, leaders and executives need to put mitigation plans into place. With the increased integration of emerging technologies into business functions, organizations anticipate that next-gen cyber threats pose the most significant risks over the next two to three years.

Artificial intelligence is an emerging risk with significant gaps in organizational preparedness and internal audit proficiency.

Only 28% of respondents indicate the use of AI (including generative AI) and machine learning (ML) as posing significant threats over the next 12 months. However, while AI may not be perceived as an immediate threat, it is rising rapidly on the risk horizon. Specifically, 54% of our survey participants believe advanced AI systems, including generative AI, present substantial risks in the coming two to three years. As the technology becomes more widely accepted and integrated into business operations, the complexities and uncertainties it introduces will become more pressing. Few organizations believe their level of preparedness or the proficiency of their technology audit group in handling AI/GenAI and ML risks are at acceptable levels.

The talent gap in IT is a growing concern.

For companies to address cyber- and AI-related risks, they need to hire talent with a deep understanding of these spaces at a time when such talent and skills are scarce. Companies must focus on hiring the leaders and team members they need as well as retaining and upskilling the existing talent pool. Companies with insufficient talent and intellectual capital in areas like cyber and AI will find themselves exposed when these risks become reality.

Other areas that the audit function identifies as significant threats over the next twelve months include third parties/vendors (60%), data privacy and compliance (58%), and transformations and system implementations (55%).

“When it comes to technology challenges, not only are companies facing a wide range of threats, but each of these threats is changing at an alarming rate,” said Angelo Poulikakos, global leader of the firm’s Technology Audit and Advisory practice. “Risks related to cyber and AI look radically different than a few years ago, and will surely continue to evolve. Companies that conduct internal audits more frequently and integrate advanced analytical tools and techniques into their audit processes will be more on top of these changes and consequently more prepared when real issues arise. Many organizations are now dealing with the strategic risks of the long-term talent gap, which is why we’re seeing more CAEs and auditors recognize this challenge.”

Click here for more information about Technology.

Business Continuity, Safety and Security, Technology

Angelo Poulikakos, Artificial Intelligence (AI), Audits, Business Resiliency, Cybersecurity, Generative AI, Global Technology Audit Risks Survey, IT, Protiviti, resilience, security, Talent Gap, technology, The Institute of Internal Auditors

Sponsored Content

Webinars, Podcasts & Videos

Business Continuity Webinar

Did You Miss Our Latest Business Continuity Webinar?

It's not too late! You can still watch the “Business Continuity Exercise Planning and Facilitation Techniques To Start Now” video webinar.

facility resilience webinar

From Prevention To Action: The Role Of Facilities Management In Handling Emergencies And Maintenance

This free webinar on facility resilience will provide actionable strategies to safeguard assets, protect lives, and ensure operational continuity.

adaptive decision-making

Listen Now: Decision-Making During A Crisis

Robert C. Chandler, Ph.D, Founder and Principal of Emperiria discusses his research on adaptive decision-making in this podcast.

Receive the latest articles in your inbox

Share to...