Internal Auditors: ISO 27000 the Top Tech Need


When it comes to information security know-how, many internal auditors said they wouldn’t make the grade.

The 2008 Internal Audit Capabilities and Needs Survey from Protiviti found that among internal auditors, the top technical competencies in need of improvement were ISO 27000, enterprise risk management (ERM) and fraud risk management (FRM).

Chief audit executives constituted more than a third of the 516 audit professionals who participated in the study. CAEs also named ISO 27000, the certification standard for information security developed by the International Organization for Standardization, as their top competency in need of improvement, followed by COSO and FRM.

ISO 27000 was not listed in the 2007 Capabilities and Needs survey. Bob Hirth, executive vice president of global internal audit solutions for Protiviti, said in a release, “An ever-increasing reliance on IT-generated data and the plethora of data security breaches are contributing to the need for internal auditors to enhance their skills in this critical area. Clearly, more organizations view themselves vulnerable to such risks and are relying on internal auditors to help mitigate and monitor them.”

Source: 2008 Internal Audit Capabilities and Needs Survey, www.protiviti.com/go/2008capabilitiesandneeds.

SPONSORED QUIZ

How well do you know small business?

There are over 30 million small businesses in the U.S., and many of them are optimistic in their outlook. Are you familiar with the obstacles and opportunities they are facing? Test your small business acumen with this quiz sponsored by Chase Ink®.

SPONSORED REPORT

In focus: Payroll

Providing payroll services that comply with ever-changing regulations and meet evolving employee and employer demands is no easy task. Paychex's Tom Hammond discusses common payroll considerations for CPA firms.