Internal Auditors: ISO 27000 the Top Tech Need


When it comes to information security know-how, many internal auditors said they wouldn’t make the grade.

The 2008 Internal Audit Capabilities and Needs Survey from Protiviti found that among internal auditors, the top technical competencies in need of improvement were ISO 27000, enterprise risk management (ERM) and fraud risk management (FRM).

Chief audit executives constituted more than a third of the 516 audit professionals who participated in the study. CAEs also named ISO 27000, the certification standard for information security developed by the International Organization for Standardization, as their top competency in need of improvement, followed by COSO and FRM.

ISO 27000 was not listed in the 2007 Capabilities and Needs survey. Bob Hirth, executive vice president of global internal audit solutions for Protiviti, said in a release, “An ever-increasing reliance on IT-generated data and the plethora of data security breaches are contributing to the need for internal auditors to enhance their skills in this critical area. Clearly, more organizations view themselves vulnerable to such risks and are relying on internal auditors to help mitigate and monitor them.”

Source: 2008 Internal Audit Capabilities and Needs Survey, www.protiviti.com/go/2008capabilitiesandneeds.

SPONSORED REPORT

CPEOs provide peace of mind around payroll services

The creation of these new IRS-certified service providers for small businesses clarifies some issues around traditional professional employer organizations.

QUIZ

8 sentences to help you master subject-verb agreement

When professionals prepare written material for readers inside their organization or outside, they should make sure that no errors distract from the message they need to convey. Take this short quiz for practice in subject-verb agreement.