Internal Auditors: ISO 27000 the Top Tech Need


When it comes to information security know-how, many internal auditors said they wouldn’t make the grade.

The 2008 Internal Audit Capabilities and Needs Survey from Protiviti found that among internal auditors, the top technical competencies in need of improvement were ISO 27000, enterprise risk management (ERM) and fraud risk management (FRM).

Chief audit executives constituted more than a third of the 516 audit professionals who participated in the study. CAEs also named ISO 27000, the certification standard for information security developed by the International Organization for Standardization, as their top competency in need of improvement, followed by COSO and FRM.

ISO 27000 was not listed in the 2007 Capabilities and Needs survey. Bob Hirth, executive vice president of global internal audit solutions for Protiviti, said in a release, “An ever-increasing reliance on IT-generated data and the plethora of data security breaches are contributing to the need for internal auditors to enhance their skills in this critical area. Clearly, more organizations view themselves vulnerable to such risks and are relying on internal auditors to help mitigate and monitor them.”

Source: 2008 Internal Audit Capabilities and Needs Survey, www.protiviti.com/go/2008capabilitiesandneeds.

SPONSORED REPORT

2018 financial reporting survey: Challenges and trends

Learn the top reporting challenges that emerged in a survey of more than 800 finance, accounting, and compliance professionals across the world, and compare them with your organization's obstacles.

PODCAST

How the skill set for today’s CFO is changing

Scott Simmons, a search expert for large-company CFOs, gives advice for the next generation of finance leaders and more, including which universities are regularly producing future CEOs and CFOs.