Security News
Ransomware and the long-term effects of COVID-19 on markets and organizations are key items to cover in 2022 audit plans, according to a Gartner report. The report also identified evolving societal expectations for enterprises, such as environmental, social and governance risks, and operational resilience as top risk areas for 2022.
The survey polled more than 175 CAEs across a range of industries, uncovering five key trends respondents believe will have long-term impacts on internal audit teams - from an increased reliance on technology to innovative new ways of conducting audits. By all accounts, audit, risk, and compliance professionals have embraced video platforms not only for meetings between members of the internal audit staff, but also for meetings and other face-to-face interaction throughout the audit process and communications with key stakeholders.
Audit functions that fail to adapt well to hybrid auditing risk a loss of effectiveness and influence at a time when real-time assurance has never been more vital to the wider organization, according to Gartner. With hybrid audit engagements here to stay for the foreseeable future, audit leaders must ensure audit processes are still effective and staff remain engaged.
"The problem, according to 95% of 135 chief audit executive we polled in February of this year, is that implementing a project or process change regularly leads to control gaps." "Audit leaders must firstly improve their visibility into changes happening in their organization and secondly develop the capability to deploy audit resources faster when changes arise."
Despite volatility of the risk landscape in the wake of the COVID-19 pandemic, most organizations still rely on manual tools and technologies for internal audit processes, a MetricStream survey reveals. The state of internal audit processes 67% of internal auditors have had to change their plans, and reprioritize audit activities during the pandemic.
Moldova's "Court of Accounts" has suffered a cyberattack leading to the agency's public databases and audits being destroyed. Court of Accounts of Moldova is a government authority that performs audits of public financial resources and government agencies to comply with international standards.
The US Cybersecurity and Infrastructure Security Agency has released the Ransomware Readiness Assessment, a new module for its Cyber Security Evaluation Tool. RRA is a security audit self-assessment tool for organizations that want to understand better how well they are equipped to defend against and recover from ransomware attacks targeting their information technology, operational technology, or industrial control system assets.
Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire. Based on preliminary reports published by the team of experts that New Hampshire...
In early March, a Boston-based vote-counting firm called Clear Ballot Group sent a bid to Arizona's state Senate to audit the 2020 presidential election results in Maricopa County. Instead, the state Senate hired a small Florida-based cybersecurity firm known as Cyber Ninjas that had not placed a formal bid for the contract and had no experience with election audits.
How far the company, Colonial Pipeline, went to address the vulnerabilities isn't clear. Colonial said it initiated the restart of pipeline operations on Wednesday afternoon and that it would take several days for supply delivery to return to normal.