- How To Integrate Continuous Improvement Into Your Organization’s Culture And Daily Activities
- Identify The Strengths Of Your Services And Where Improvements Can Be Leveraged
- How To Succeed In A Continually Changing And Unstructured Workplace
- 6 tips to get back in touch with an old colleague
- Paving the Last Mile of Big Data Analytics
- Important Considerations For An Organizational Restructuring
- Elevator Speech 2.0 = Elevator Dialogue
- 4 ways to qualify a lead
- Is the Trusted Advisor Still Trusted?
- 5 things you must do to win your first client.
PwC: Internal audit’s role critical to combat ever-changing hacker profiles
August 19, 2012
By Rob Starr, Content Manager, Big4.com
According to a new PwC US whitepaper titled Fortifying your defenses: The role of internal audit in assuring data security and privacy, With more companies migrating into the digital realm and relying on hacker-susceptible mobile and cloud technologies, data security threats and breaches have increased exponentially.
According to the whitepaper, government bodies are increasing the penalties they impose on companies whose security flaws allow data breaches. At least 50 countries have enacted data privacy laws, and more are expected to follow.
Jason Pett, PwC’s U.S. internal audit services leader comments:
“No matter how strong a company’s data security policies and controls are, a company won’t really know the adequacy of its defense if it doesn’t continually verify that those defenses are sound, uncompromised and applied in a consistent manner,” he says. “Internal audit has to play a far more substantial role in information security, and audit committees must also increase their attention on the increasing risk, heightening the expectations they place on internal audit to place adequate focus on data security and privacy concerns.”
The three lines of defense that companies should initiate include management and companies that are good at managing information security risks typically assign responsibility for their security regimes at the highest levels of the organization. Management has ownership, responsibility and accountability for assessing, controlling and mitigating risks.