Insight

Agile, resilient and transformative

Global IT internal audit outlook

Matt Tobey

Matt Tobey

Advisory Managing Director, KPMG US

+1 480-459-3601

Nicole Lauer

Nicole Lauer

Principal, Technology Risk Management, KPMG US

+1 410-949-8949

Richard Knight

Richard Knight

Principal, Advisory, and U.S. IT-Internal Audit Solutions Leader, Technology Risk Management, KPMG US

+1 703-286-8393

As organizations transform, at ever increasing speeds, new risks continue to emerge. Technological advances in artificial intelligence, cloud security, data privacy and cyber security; increasing use of automation tools like process mining and robotic process automation, and growing compliance, regulatory and fraud risks have increased the boundaries of Internal Audit and expanded the roles of technology auditors.

Fresh, hybrid working models have progressed at pace during the pandemic and are here to stay. These new ways of working, however, introduce more complex IT risks, especially for cyber security and operational resilience, which can severely impact operations, revenue and brands.

The IT Internal Audit function must keep abreast of these changes and continue to work with the board and senior management as a trusted partner, to assure them that they are effectively controlling all known and emerging risks.

This global report highlights the findings from a survey of 300 participants comprising of Chief Audit Executives, Audit Directors, Vice Presidents and Senior Managers representing audit teams from a wide range of industry sectors across 35 countries and territories. Questions covered the pressing issues facing technology audit teams today, such as auditor skillsets, scope and frequency of audits, emerging technology risks, adoption of new technology to enhance audits, and the evolving role of the Internal Audit function as a strategic advisor at board level.

The responses suggest that, with technology risks increasingly featuring in boardroom conversations, Internal Audit has a great opportunity to step up and play a bigger part in addressing and mitigating these risks.