Cybersecurity top concern among Middle East audit executives
The majority of Middle East audit leaders cite cybersecurity as their most pressing concern according to the latest industry survey from Protiviti.
Global professional services firm Protiviti has conducted its latest audit benchmarking survey, finding that cybersecurity, privacy, data management and governance were now the leading concerns among industry professionals. The survey was undertaken in association with ISACA, a global association helping individuals and enterprises in the IT audit/assurance, governance, risk and information security space, and included over 2,250 respondents worldwide.
For those in the Middle East – with the survey taking the pulse of chief audit and IT audit executives and professionals – four out of five participants said that cybersecurity and privacy audits were part of the audit agenda for the year. “Cybersecurity remains the number one challenge to tackle,” said Protiviti Member Firm managing director Sanjay Rajagopalan, who is responsible for Internal Audit & Financial Advisory Services for the MENA region.
Rajagopalan continued: “80% of survey participants from the Middle East indicated that they are including cybersecurity and privacy audits in their audit plan this year. This is very much in line with the global trend, as IT Audit cannot let its guard down by merely conducting high-level ‘check-the-box’ audits. Detailed security assessments are also required along with meaningful recommendations for these audits to remain relevant to the ever changing environment”.
In addition to the above findings, a further two thirds of local respondents said that they foresee a significant role for IT Audits in major technology projects, while around 70 percent of regional respondents said that their organisations assess technology risk in audit planning as part of their overall internal audit risk assessment process. Close to half also say they have a designated IT Audit Director (44 percent), with half of those in turn attending audit committee meetings
The survey responses, Protiviti contends, are indicative of the growing recognition for IT audit in the Middle East region and the crucial role it can play in ensuring cybersecurity and privacy. From an IT audit perspective in particular, the consulting firm can see a strong partnership emerging between the audit and IT function in the area of risk management, which it says will better help to identify project based challenges in advance.
“While we see cybersecurity and privacy as the standout top technology challenge that organisations face today, data management and governance has also emerged as a critical challenge,” said Protiviti Internal Audit Managing Director Ahmed Bassiouni, who added; “Digital transformation will continue to impact a broad range of areas for IT auditors and amidst these, we anticipate IT audit functions will grapple with resource, staffing and the skills required.”
With IT audit functions in the Middle East looking to hire new professionals, the study also highlighted the five most in-demand skills across the region, led by data science, which was cited by 35 percent. Expertise in advanced and enabling technologies followed, at one third of respondents, while ‘critical thinking’ was the third most sought after skill, desired by 30 percent. Rounding out the top five were communications expertise and agile methodology.