Internal Auditors: ISO 27000 the Top Tech Need


When it comes to information security know-how, many internal auditors said they wouldn’t make the grade.

The 2008 Internal Audit Capabilities and Needs Survey from Protiviti found that among internal auditors, the top technical competencies in need of improvement were ISO 27000, enterprise risk management (ERM) and fraud risk management (FRM).

Chief audit executives constituted more than a third of the 516 audit professionals who participated in the study. CAEs also named ISO 27000, the certification standard for information security developed by the International Organization for Standardization, as their top competency in need of improvement, followed by COSO and FRM.

ISO 27000 was not listed in the 2007 Capabilities and Needs survey. Bob Hirth, executive vice president of global internal audit solutions for Protiviti, said in a release, “An ever-increasing reliance on IT-generated data and the plethora of data security breaches are contributing to the need for internal auditors to enhance their skills in this critical area. Clearly, more organizations view themselves vulnerable to such risks and are relying on internal auditors to help mitigate and monitor them.”

Source: 2008 Internal Audit Capabilities and Needs Survey, www.protiviti.com/go/2008capabilitiesandneeds.

SPONSORED REPORT

Solving the lease accounting challenge

The challenges of the new lease accounting standard have been pervasive to say the least. In this free, independently-written report, you'll learn effective adoption strategies as well as resources for easing the transition to the new standard.

FEATURE

Tackling TCJA changes this tax season

Return preparers must be ready for how the Tax Cuts and Jobs Act has modified many common features of individual and business returns.