While still maintaining independence and objectivity, internal audit leaders can collaborate with the business to help ensure that technology’s expanded attack surface is protected through IT risk assessments that focus not only on corporate systems but also product and operational technologies. As vehicles become more autonomous and connected, internal audit is well-positioned to provide guidance and help identify new risks and threats throughout the complex technology stack. However, rather than focus on post-production or post-implementation audits, attention should be shifted to pre-production—where any identified corrections are both more valuable and less expensive to implement.
Topics addressed include:
- ways in which the technology threat landscape have changed and thus requires a change in the internal audit approaches
- specific examples of technology audits that have made lasting business impacts by focusing on proactive, value-based activities
- specific areas of technology focus for industrial manufacturing organizations
- delivering customized process and technology mapping documentation as part of internal audit deliverables
- how quality and agility can be embedded into the planning, fieldwork, and reporting stages
- how audit leaders can foster more credible relationships with IT stakeholders
- new skills are needed in the internal audit function in order to monitor emerging technology risks.