No Audio There is no audio in this video.

FROM AI TO CYBER - DECONSTRUCTING A COMPLEX TECHNOLOGY RISK LANDSCAPE

Assessing the results of the 12th Annual Global Internal Audit Perspectives on Top Technology Risks Survey from Protiviti and The Institute of Internal Auditors

Executive summary

Cybersecurity. Data privacy and governance. Artificial intelligence (AI). Third-party risk.

The 12th Annual Global Internal Audit Perspectives on Top Technology Risks Survey reveals a nuanced view of the tech risk landscape facing organisations, highlighting cybersecurity as the top concern, amplified by fears over data breaches and ransomware. Emerging trends emphasise the growing influence of AI on technology auditing and its associated risks. The findings underscore the need for auditors to adopt new strategies and increase audit frequency to stay ahead in an evolving environment where high-frequency IT auditing groups report a distinct perception of threats compared to their peers.

Our key findings

Cybersecurity is top tech threat

Not only do cyber concerns stand out as the top threat, but these concerns are even greater among organisations conducting technology audits more frequently, as well as among those using cybersecurity and AI-based tools to support the technology audit department. These more mature organisations also expressed the highest level of preparedness to handle this risk.

AI's emerging influence

While AI is not viewed as a significant short-term technology concern, most respondents (59%) view advanced AI systems as posing significant risks to their organisations in the next two to three years. Further, the use of AI-based tools in technology auditing is associated with elevated concerns about various threats, including cybersecurity and data privacy, and also drives higher levels of perceived organisational preparedness to handle such threats.

Data concerns are prevalent

Data privacy, compliance, governance and integrity rank among the top technology risks organisations face, and 52% view data breaches and leaks of sensitive information as posing the greatest cybersecurity-related threats.

More tech audits, better performance

Conducting more technology audits annually (for purposes of analysing this survey’s results, defined as six or more — see page 8) drives a clearer understanding of the threat landscape and contributes to improved organisational preparedness and technology audit proficiency to handle these threats. Conversely, organisations with lower audit frequency may face blind spots in their risk management efforts, underscoring the importance of regular and thorough auditing.

Embrace the use of emerging technologies like generative AI to help identify and address the most critical technology risks.
Angelo Poulikakos

Our call to action for technology audit leaders and teams

This year’s research results point to seven important actions that CAEs and technology audit leaders and teams should take to address today’s and tomorrow’s technology challenges and position their organisations for success.

  • Increase the frequency of technology audits performed annually.
  • Assess technology audit proficiency gaps.
  • Embrace the use of advanced tools in technology auditing.
  • Stay laser-focused on cybersecurity.
  • Stay on the leading edge of AI.
  • Don’t forget data.
  • Prioritise third-party risk management.
Embrace the use of emerging technologies like generative AI to help identify and address the most critical technology risks.
Angelo Poulikakos

IIA’s Guidance on Proficiency

Advanced AI poses significant risk in emerging tech over next 2-3 years
Advanced AI poses significant risk in emerging tech over next 2-3 years
Loading...