Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .



Technology 5 - Global Banking | Finance

Survey results find companies challenged by variety of technology issues, including security, governance and social media

Despite ongoing efforts to address information technology issues, companies continue to come up short in their IT audit functions, according to a new survey from global consulting firm Protiviti ( The study reveals that a large percentage of organizations are not planning and instituting the IT audit coverage necessary to assure critical IT operations, evaluate risk and provide a secure, available IT environment.

Now in its third edition, Protiviti’s latest IT audit benchmarking study, titled From Cybersecurity to IT Governance – Preparing Your 2014 Audit Plan, analyzes the primary technology-related challenges companies face from the internal audit perspective, and identifies trends in the ways organizations evaluate their approach to IT audit functions and capabilities. The survey report can serve as a helpful guide to internal audit functions, audit committees and boards of directors as they build their annual audit plans.

“In today’s organizations, virtually every function is technology-dependent, which means companies face a greater number of challenges to ensure an efficient, secure IT environment,” said Brian Christensen, Protiviti executive vice president of global internal audit. “Based on the study, it’s apparent that there is a tremendous gap between where most companies are and where they should be in terms of managing IT risk and strengthening governance and controls. As audit plans are developed, these technology challenges should also be top-of-mind for internal audit.”

Top Technology Challenges
According to the 469 respondents who participated in Protiviti’s 2014 IT Audit Benchmarking Survey, including chief audit executives, IT audit directors, IT audit managers, and other auditing professionals, the top technology-related challenges facing organizations are:

  • IT security (including data security, cyber security, and mobile security; this result was the number one challenge for the second consecutive year)
  • IT governance
  • Lack of ERP implementations, development, and knowledge
  • Social media
  • Vendor management
  • Cloud computing
  • Emerging technology and infrastructure changes
  • Big data and analytics
  • PCI compliance

The recurring challenge of IT security points to the need for security teams to tap their organization’s internal audit team’s expertise to develop more efficient, sustainable compliance programs. In a report titled Engage Audit Professionals for Better Security

Assessment Outcomes (June 26, 2013), Forrester Research, Inc. writes about the benefits of audit and security working together to address security compliance: “There are simple ways for security and audit professionals to coordinate more closely in ways that will help both sides achieve their goals… When done correctly, the audit function becomes a powerful advocate for the security team, helping highlight the strength of the program when appropriate and helping justify more investments when there are gaps to fill.”

Companies’ IT Audit Practices Still Fall Short
Analysis of Protiviti’s survey results also provides important insights into how effectively organizations are improving their IT audit programs and practices, and some notable findings suggest there is a need for dramatic improvement. These include:

A large number of companies fail to devote adequate resources to IT audit and, as a result, are not able to fully assess potential risks. Also, 42 percent of organizations reported that they rely on outside resources to augment their IT audit departments because they lack the appropriate internal resources.

Many internal audit functions are not performing IT audit risk assessments regularly, and even many of the companies that do perform these assessments need to do so more frequently. Of concern, one-third of companies with less than $100 million in revenue do not conduct any type of IT audit risk assessment, which presents countless potential hazards for their respective businesses.

Also a cause for concern is the increase from 2012 to 2013 in the number of IT audit directors who report to the CIO. Even though the overall number of organizations with this reporting relationship is relatively low, allowing the IT department to audit itself is a potential recipe for disaster because independence and objectivity of assessments are lost.

“Although there are areas that clearly need attention, it’s a good sign that more companies are working to implement IT governance policies and procedures,” said David Brand, a Protiviti managing director and leader of the firm’s IT Audit practice. “We have seen an uptick in the number of companies that are evaluating IT governance as part of their audit process.”

Survey Resources – Webinar, Report, Video and Podcast
A webinar exploring the survey results will be held today at 10:00 a.m. PST. Joining Brand for the one-hour webinar will be another Protiviti managing director, Jonathan Bronson, and guest speaker Forrester Research, Inc. Senior Analyst Renee Murphy. To register for the complimentary webinar, please visit

The survey report From Cybersecurity to IT Governance – Preparing Your 2014 Audit Plan is available for download at, along with a short video about the survey results. Additionally, Brand has recorded a podcast discussing the survey findings, which is available at

The 2014 IT Audit Benchmarking Survey was conducted in the second and third quarters of 2013. Eighty-four percent of the responses were from companies in North America, with the rest spread among Europe, Asia-Pacific, the Middle East and Africa. Sixty-two percent of the participants’ companies had annual revenues of $1billion or greater. The types of organizations participating in the survey were:

  • Public – 50%
  • Private – 26%
  • Not-for-profit – 12%
  • Government – 11%
  • Other – 1%

About Protiviti
Protiviti ( is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit. Through its network of more than 70 offices in over 20 countries, Protiviti has served more than 35 percent of FORTUNE 1000® and FORTUNE Global 500® companies. The firm also works with smaller, growing companies, including those looking to go public, as well as with government agencies.

Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half International is a member of the S&P 500 index.

Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.

IT Audit Benchmarking Survey

IT Audit Benchmarking Survey

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post