Security News

As part of a SOC2 audit, it is necessary to conduct security checks across the company's SaaS stack that will look for misconfigured settings such as detection and monitoring to ensure continued effectiveness of information security controls and prevent unauthorized/ inappropriate access to physical and digital assets and locations. If you're beginning or on a SOC2 audit journey, then an SSPM solution can streamline the process and shorten the time it takes to pass a SOC2 audit successfully, fully covering your SaaS Security posture.

Specops Password Auditor is a read-only tool that scans your Active Directory and identifies password-related vulnerabilities. The collected information generates multiple interactive reports containing user and password policy information.

A research from Vanson Bourne examines how financial services are faring with the ever-increasing challenge of audit overload. The study, which surveyed 200 U.S. IT security professionals in the financial services industry, revealed that 97 percent financial institutions experience challenges when working on audits. The state of the financial services' audit process Financial organizations spend an average of 71 working days each quarter responding to audit evidence requests, have an average of 13 different IT security compliance and privacy regulations with which they must comply, and have an average of 54 dedicated people who work on IT security compliance and/or privacy regulations.

COVID-19 stretched organizational resources and unleashed new risks on a global basis, prompting an ongoing pivot by internal audit departments to address the evolving challenges, according to a survey by AuditBoard. "COVID-19 created what is arguably the greatest disruption for organizations as well as for internal auditors, due to their enterprise-wide role," said Richard F. Chambers, AuditBoard Senior Internal Audit Advisor, who authored the report.

Ransomware and the long-term effects of COVID-19 on markets and organizations are key items to cover in 2022 audit plans, according to a Gartner report. The report also identified evolving societal expectations for enterprises, such as environmental, social and governance risks, and operational resilience as top risk areas for 2022.

The survey polled more than 175 CAEs across a range of industries, uncovering five key trends respondents believe will have long-term impacts on internal audit teams - from an increased reliance on technology to innovative new ways of conducting audits. By all accounts, audit, risk, and compliance professionals have embraced video platforms not only for meetings between members of the internal audit staff, but also for meetings and other face-to-face interaction throughout the audit process and communications with key stakeholders.

Audit functions that fail to adapt well to hybrid auditing risk a loss of effectiveness and influence at a time when real-time assurance has never been more vital to the wider organization, according to Gartner. With hybrid audit engagements here to stay for the foreseeable future, audit leaders must ensure audit processes are still effective and staff remain engaged.

"The problem, according to 95% of 135 chief audit executive we polled in February of this year, is that implementing a project or process change regularly leads to control gaps." "Audit leaders must firstly improve their visibility into changes happening in their organization and secondly develop the capability to deploy audit resources faster when changes arise."

Despite volatility of the risk landscape in the wake of the COVID-19 pandemic, most organizations still rely on manual tools and technologies for internal audit processes, a MetricStream survey reveals. The state of internal audit processes 67% of internal auditors have had to change their plans, and reprioritize audit activities during the pandemic.

Moldova's "Court of Accounts" has suffered a cyberattack leading to the agency's public databases and audits being destroyed. Court of Accounts of Moldova is a government authority that performs audits of public financial resources and government agencies to comply with international standards.