Click here to close now.

Welcome!

SAP HANA Cloud Authors: Carmen Gonzalez, Elizabeth White, Liz McMillan, Pat Romanski, Plutora Blog

News Feed Item

Protiviti IT Audit Study Analyzes Gaps in Companies' IT Audit Function and Risk Assessments

Survey also identifies top 10 IT challenges

MENLO PARK, Calif., Nov. 5, 2012 /PRNewswire/ -- Although companies continue to increase their investments in and dependency on IT resources, many aren't doing enough to protect themselves, according to a new survey from global consulting firm Protiviti (www.protiviti.com). The firm's 2012 IT Audit Benchmarking Survey (www.protiviti.com/ITauditsurvey) ‑ which also reveals the top 10 technology challenges businesses face ‑ finds that a significant number of organizations do not conduct any type of IT audit risk assessment, and a considerable number of companies that do conduct assessments have critical gaps in their IT audit capabilities. 

(Logo: http://photos.prnewswire.com/prnh/20090115/AQTH541LOGO)

Protiviti's second edition of the IT Audit Benchmarking Survey analyzes some of the underlying IT audit trends and gaps evident in organizations today. In addition to data and analysis, the survey report also includes key questions for audit professionals to consider as they evaluate their own IT audit functions and capabilities.

"There's no question that IT risks can affect the bottom line. To succeed in today's business environment, it's absolutely critical for organizations to understand and manage IT risks that emerge with the rapidly escalating use of technology, and the best way to do that is with well-planned IT audit strategies and activities," said Brian Christensen, Protiviti's executive vice president of global internal audit. "We hope our survey results drive organizations to cast a more critical eye on their own IT audit strategy ‑ whether that means establishing a function or cultivating their IT audit team's experience and capabilities."

The Top 10 Technology Challenges
The IT Audit Benchmarking Survey asked participants to weigh-in – through an open-ended question that required a write-in response – on the top technology challenges that organizations face today. The top issues from the perspective of IT audit, including information security, cloud computing, social media, and risk management and governance, are consistent with those commonly cited by C-level executives and IT organizations. 

  1. Information security (including data privacy, storage, and management)
  2. Cloud computing
  3. Social media
  4. Risk management and governance
  5. Regulatory compliance
  6. Technology integration and upgradation
  7. Resource management
  8. Infrastructure management
  9. Fraud monitoring
  10. Business continuity/disaster recovery

IT Audit Risk Assessments – Good and Bad News
While this year's survey shows some improvement in regard to the number of companies conducting IT audit risk assessments ‑ particularly among organizations with revenues of $100 million - $999.99 million, there is still much room for improvement. Most notably, more than 30 percent of organizations with less than $100 million in annual revenues do not conduct any type of IT audit risk assessment.  

"Our findings also show that even when organizations do conduct IT audit risk assessments, they have some considerable gaps in their capabilities. Those gaps can be just as damaging as skipping an assessment," said David Brand, a Protiviti managing director and the firm's national IT audit leader. "For example, a majority of our respondents are understaffed, meaning less than 20 percent of their internal audit department is made up of IT audit staff."

Seventy-eight percent of survey respondents from companies with revenues greater than $1 billion see those gaps and have concerns that they may lack the necessary resources and skills to sufficiently address all areas of their IT audit plans. Examples of common gaps cited in the survey include limited ability to provide training for the IT audit team; not using outside resources to provide or augment IT audit capabilities; and lack of qualified IT audit professionals.

Additional Highlights

Other research findings of note include:

  • Sixty-five percent of organizations conduct their IT audit risk assessments on an annual basis, which may not be adequate to keep pace with the current rate of technology change and innovation.
  • Evaluating and assessing the IT governance process, as called for under The Institute of Internal Auditors Standard 2110.A2, is not a priority for organizations, regardless of size or region. On average, less than 30 percent of companies have complied with this standard, and less than one in three plans to do so within the next year.  

"Companies today face new IT-related risks and challenges every day," Brand said. "Internal auditors need to be more nimble than ever before and must constantly fine-tune their approach to the IT audit risk assessment to make a positive impact on their organizations."

Protiviti conducted its IT Audit Benchmarking Survey in the first and second quarters of 2012. Survey participants were comprised of more than 300 professionals worldwide, including chief audit executives, audit directors, and IT audit directors and managers. They responded to questions covering four categories:  IT audit in relation to the internal audit department; assessing IT risk; IT audit in relation to the internal audit department; and skills and capabilities. To learn more about the 2012 IT Audit Benchmarking Survey and obtain a complimentary copy of the report, please visit: www.protiviti.com/ITauditsurvey.

Podcast Available with Additional Survey Insights  
Protiviti has produced a podcast that offers David Brand's analysis and commentary about the findings in the survey. Please visit www.protiviti.com/podcasts to listen or download the complimentary podcast.

About Protiviti 
Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit. Through its network of more than 70 offices in over 20 countries, the firm has served more than 35 percent of FORTUNE® 1000 and Global 500 companies. Protiviti also works with smaller, growing companies, including those looking to go public, as well as with government agencies.

Protiviti is a wholly owned subsidiary of Robert Half International (NYSE: RHI). Founded in 1948, Robert Half International is a member of the S&P 500 index.

Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.

 

SOURCE Protiviti

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it!
SYS-CON Events announced today that BMC will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. BMC delivers software solutions that help IT transform digital enterprises for the ultimate competitive business advantage. BMC has worked with thousands of leading companies to create and deliver powerful IT management services. From mainframe to cloud to mobile, BMC pairs high-speed digital innovation with robust IT industrialization – allowing customers to provide amazing user experiences with optimized IT per...
SYS-CON Events announced today that the "First Containers & Microservices Conference" will take place June 9-11, 2015, at the Javits Center in New York City. The “Second Containers & Microservices Conference” will take place November 3-5, 2015, at Santa Clara Convention Center, Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
ThingsExpo New York is offering a limited time FREE "Expo Plus" registration option in New York. On site registration price of $1,95 will be set to 'free' for delegates who register during special offer. To take advantage of this opportunity, attendees can use the coupon code, and secure their registration to attend all keynotes, ThingsExpo sessions, expo floor, and SYS-CON.tv power panels. Special FREE registration givess access to all DevOps, Containers and Microservices sessions as well. Registration page is located at the ThingsExpo site.
The only place to be Nov 3-5 is Cloud Expo | @ThingsExpo | DevOps Summit 2015 West at the Santa Clara Convention Center in Santa Clara, CA. Join us there as delegates from all over the world come to listen to and engage with speakers & sponsors from the leading Cloud Computing, IoT, Big Data and DevOps companies. Cloud Expo & @ThingsExpo are the leading events covering the booming market of Cloud Computing, IoT & Big Data for the enterprise. Speakers from all over the world will be hand-picked for their ability to explore the economic strategies that utility/cloud computing provides. Whether...
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal today!
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS – software, platform, and infrastructure as a service.
“Connect2Me is basically a game changer in the IoT industry. We have created IoT connecter middleware that can enable a connection to any kind of device," explained Yasser Khan, CTO of Connect2Me, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
Health care systems across the globe are under enormous strain, as facilities reach capacity and costs continue to rise. M2M and the Internet of Things have the potential to transform the industry through connected health solutions that can make care more efficient while reducing costs. In fact, Vodafone's annual M2M Barometer Report forecasts M2M applications rising to 57 percent in health care and life sciences by 2016. Lively is one of Vodafone's health care partners, whose solutions enable older adults to live independent lives while staying connected to loved ones. M2M will continue to gr...
SYS-CON Events announced today that the "First Containers & Microservices Conference" will take place June 9-11, 2015, at the Javits Center in New York City. The “Second Containers & Microservices Conference” will take place November 3-5, 2015, at Santa Clara Convention Center, Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
DevOps Summit at Cloud Expo New York is offering a limited time FREE "Expo Plus" registration option in New York. On site registration price of $1,95 will be set to 'free' for delegates who register during special offer. To take advantage of this opportunity, attendees can use the coupon code, and secure their registration to attend all keynotes, @DevOpsSummit sessions at Cloud Expo, expo floor, and SYS-CON.tv power panels. Special FREE registration givess access to all Containers and Microservices sessions. Registration page is located at the DevOps Summit site. Your DevOps Summit registratio...
SYS-CON Events announced today that MediaTek Labs will exhibit at SYS-CON's @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. MediaTek Labs is a global ecosystem initiative supporting Wearables and Internet of Things device creation, application development, and services based around MediaTek chipset offerings. Developers can use the MediaTek LinkIt™ ONE development platform and the LinkIt ONE HDK to easily access the features and functions of the MediaTek MT2502 System on a Chip (SoC), with the goal of creating the next generation of MediaTek p...
Imagine a world where targeting, attribution, and analytics are just as intrinsic to the physical world as they currently are to display advertising. Advances in technologies and changes in consumer behavior have opened the door to a whole new category of personalized marketing experience based on direct interactions with products. The products themselves now have a voice. What will they say? Who will control it? And what does it take for brands to win in this new world? In his session at @ThingsExpo, Zack Bennett, Vice President of Customer Success at EVRYTHNG, will answer these questions a...
The basic integration architecture, as defined by ESBs, hasn’t changed for more than a decade. Most cloud integration providers still rely on an ESB architecture and their proprietary connectors. As a result, enterprise integration projects suffer from constraints of availability and reliability of these connectors that are not re-usable across other integration vendors. However, the rapid adoption of APIs and almost ubiquitous availability of APIs amongst most SaaS and Cloud applications are rapidly redefining traditional integration approaches and their reliance on proprietary connectors. ...
SYS-CON Events announced today that O'Reilly Media has been named “Media Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York City, NY. O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participa...
"People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"For over 25 years we have been working with a lot of enterprise customers and we have seen how companies create applications. And now that we have moved to cloud computing, mobile, social and the Internet of Things, we see that the market needs a new way of creating applications," stated Jesse Shiah, CEO, President and Co-Founder of AgilePoint Inc., in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.