Insight

COVID-19 and what the IT auditor can do to help

A guide to the recalibrated role of Internal Audit related to the enterprise IT agenda due to the COVID-19 environment

Cynthia Izzo

Cynthia Izzo

Principal, Advisory, Technology Risk Management, KPMG US

Nicole Lauer

Nicole Lauer

Principal, Technology Risk Management, KPMG US

+1 410-949-8949

Within this paper, we discuss some of the unique challenges this uncertain environment presents to organizational control environments and the role of Internal Audit related to the enterprise IT agenda. The current outlook for COVID-19 is so uncertain, that many business functions deemed ‘non-critical’ as part of many business continuity plans quickly become critical to the ability of the organization to function, or even survive.

IT departments are the engines that drive remote working and are under significant pressure to support the alternate working environment. IT management is reacting daily to unplanned events and request from the business, heightening the likelihood of a risk event. 

Internal Audit needs to continue to provide effective assurance during these uncertain times, and is arguable even more important to make sure risk are being managed and controls remain effective.