50 likes | 58 Views
CYBERSECURITY: RISKS AND OPPORTUNITIES OF INTERNAL AUDIT. Sochi, 28-29 October 2019 ILHIZ BAYMURATOV RUSSIA, FINEXPERTIZA. CYBERSECURITY RISKS:. DYNAMIC. CONTINUING AUDIT AND MONITORING AUDIT STRATEGY ADJUSTMENT. PERIODIC TRAINING INVESTMENTS IN STATE-OF-THE-ART TECHNOLOGIES
E N D
CYBERSECURITY: RISKS AND OPPORTUNITIES OF INTERNAL AUDIT Sochi, 28-29 October 2019 ILHIZ BAYMURATOV RUSSIA, FINEXPERTIZA
CYBERSECURITY RISKS: DYNAMIC • CONTINUING AUDIT AND MONITORING • AUDIT STRATEGY ADJUSTMENT • PERIODIC TRAINING • INVESTMENTS IN STATE-OF-THE-ART TECHNOLOGIES • USE OF EXTERNAL PROVIDER'S SERVICES • EXPANDING TRADITIONAL CONTROLS INNOVATIVE • RISK-BASED APPROACH • COOPERATION AND INTEGRATION WITH OTHER PARTIES • INCREASED ROLE OF PERIODIC COMMUNICATION WITH MANAGEMENT • COMPUTER AIDED AUDIT TECHNIQUES AND DATA ANALYSIS LARGE-SCALE • IT FUNCTION OUTSOURCING • DATA EXCHANGE WITH EXTERNAL PARTIES • EXTERNAL HOSTING • CLOUD TECHNOLOGIES, i.e. RISKS INDUCED BY THIRD PARTIES • DATA AS NOT ONLY AN ASSET, BUT ALSO A COMMITMENT • USE OF INDEPENDENT EXPERT EXAMINATION RESULTS • ADEQUATE COMPETENCES OF THE AUDIT TEAM SPECIFIC
USE OF TECHNOLOGIES IN AUDIT: STRATEGY DEVELOPMENT REQUIRES TECHNICAL SKILLS – NEW TEAM ROLES (DATA BASE EXPERT, DATA ANALYSIS EXPERT, IT AUDITOR etc.) STATE-OF-THE-ART IT TOOLS NEEDED ACCESS TO INFORMATION SOURCES
CURRENT CHALLENGES: LACK OF AUDIT PROFESSIONALS CERTIFIED ACCORDING TO INTERNATIONAL STANDARDS (CIA etc.) SHARE OF IT AUDITORS IN INTERNAL AUDIT TEAMS LOWER THAN SIMILAR INDICATORS IN OTHER COUNTRIES LIMITED USE OF SPECIALIZED SOFTWARE SOLUTIONS TO ACCOMPLISH INTERNAL AUDIT OBJECTIVES LIMITED ENGAGEMENT OF EXTERNAL IT EXPERTS IN ACCOMPLISHING INTERNAL AUDIT OBJECTIVES
THANK YOU FOR YOUR ATTENTION! • ILHIZ BAYMURATOV • Vice-President of FinExpertiza International Audit and Consulting Network • baymuratov@finexpertiza.ru • www.finexpertiza.com TODAY AND ALWAYS