A new survey conducted by consulting firm Protiviti in cooperation with ISACA (a global professional association of more than 165’000 digital trust professionals) found that cybersecurity is the chief risk for IT audit departments, with several related risks such as privacy and data as well as regulatory compliance also ranking as top concerns.

The survey would indicate that IT audit teams are perceiving the current technology risk landscape as much more threatening than in the past. War-related cyberattacks would be on the rise, the surge of sophisticated ransomware attacks would be ongoing and remote work would continue to subject many organisations to new cybersecurity risks. Yet despite heightened concerns, the survey would have revealed that one in five organisations do not expect their 2022 audit plans to address the risk of cybersecurity breaches.

The survey asked respondents to rate the significance of 39 technology risk issues. Of those, the top 10 IT audit risks identified were 1) cyber breach, 2) management of security incidents, 3) privacy, 4) monitoring regulatory compliance, 5) access risk, 6) data integrity, 7) disaster recovery, 8) data governance, 9) third-party risk and 10) monitoring as well as auditing IT, legal and regulatory compliance.

The top risks cited in this year’s survey would highlight the vital yet sensitive role that data plays in organisations today, with respondents expressing significant concerns regarding the way in which data is gathered, governed and secured. Respondents would also have demonstrated that IT audit professionals are acutely aware of the evolving compliance requirements facing their organisations, related to data stewardship, industry standards, and national and regional requirements.