Access and Feeds

IT Audits: Manage Risk by Proactively Monitoring Systems

By Dick Weisinger

Hacking, breaches, data privacy issues. Data governance and regulatory compliance. Businesses are just beginning to realize their responsibilities and potential liabilities when it comes to the proper handling of data which they have acquired.

Auditing of potential IT vulnerabilities has long been considered low priority relative to day-to-day operations and audits have often been something only talked about rather than actually performed.  But organizations that don’t pro-actively survey their IT environment are putting their organizations at risk.

Andrew Struthers-Kennedy, a Protiviti managing director and global leader of the firm’s IT Audit practice, said that “with regulators beginning to look more closely at the security and management of organizational data, we encourage IT audit teams to be aware of all data that an organization processes, where it resides and how it’s being protected. While the increase in data capture and processing activities offers opportunities for enhanced business insight and competitive advantage, it also adds significant risk and therefore data protection needs to be prioritized.”

Theresa Grafenstine, chair of ISACA’s board of directors, said that “given the increased focus on digital transformation within organizations, it’s important for IT auditors to be involved throughout the entire technology project lifecycle to ensure policies and processes are put in place to mitigate risk. IT audit leaders looking to become more engaged within their organization’s major technology projects have to build credibility with executive management teams by demonstrating the value that the IT audit function provides.”

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Leave a Reply

Your email address will not be published. Required fields are marked *