CAE Pulse November 22 2024

In This Issue

 

 

Cybersecurity Remains the Hottest Topic for 2025 in Deloitte UK Internal Audit Study

Digital transformation and IT change ranks 2nd, followed by tech strategy and governance.

Technological advancements continue to expand the scope and complexity of the internal auditor’s job. That means audit teams must embrace the changes while focusing on “hygiene” factors, fundamental risks, and principles.

Those were among the assertions of a recent study out of the UK by accounting and auditing firm Deloitte. The 14th annual study on hot topics for technology and digital risk determined that cybersecurity remains the top concern because of an increasing reliance on digital systems and the constantly evolving threat of cyberattacks. This is the 11th consecutive year it has appeared at the top of the list, chosen by respondents who included heads of internal audit, heads of information technology (IT), and other business leaders across all sectors.

Digital transformation and IT change appears second on the list for the third year in a row. In a new appearance in the top three since a decade ago, technology strategy and governance was cited as third. “A strong IT governance framework is crucial for navigating today’s risk landscape, yet many organizations struggle with implementation and lack leadership buy-in,” an announcement of the report reads. “This disconnect hinders strategic decision-making and creates unnecessary risk.”

Rounding out the top 10 hot topics were: artificial intelligence including GenAI; data; resilience; identity and access management; cloud; third-party risk management; and emerging technology trends. The study looked at the differences in responses between those in financial services and those in other sectors. Financial services organizations placed a higher emphasis on GenAI, indicating a potential for accelerated adoption and exploration of this transformative technology within that sector. “This suggests a proactive approach to leveraging GenAI for competitive advantage in areas such as fraud detection, customer service, and risk management,” the study reads.

 

AI Is Changing the Game, and Internal Audit Must Adapt to Proactive Strategies

The technology provides opportunities for innovation but also tools for added risk.

Global organizations are increasingly focusing on the overlaps and integration of artificial intelligence (AI), IT security, and internal audit. This calls for organizations to modify their internal audit strategies to manage risk or capitalize on the emerging opportunity landscape.

A recent Wolters Kluwer article uses a chess board analogy to explain what is happening in this space and examines how AI is changing the game. On one hand, AI creates a new set of tools that enhance an organization’s ability to detect and address a wide variety of threats associated with emerging technologies. On the other hand, it also provides tools for adversaries to enhance their ability to disrupt or attack.

To address this, the internal audit function needs to shift from a reactive to a proactive approach, the article says. Internal auditors should leverage AI for predictive analytics and also for developing and fostering comprehensive risk assessments. Auditors must become more experienced and proficient with AI in these key focus areas:

  • Understanding AI technologies and their applications in cybersecurity.
  • Data analytics and machine learning fundamentals.
  • Ethical considerations and governance frameworks required in implementing AI.
  • Risk assessment methodologies for AI-powered systems.

By mastering those skills or at least developing a foundational understanding of them, internal auditors can position themselves as strategic partners in the growing field of AI risk management and mitigation. This will ensure their organizations remain resilient in the face of emerging threats.

The article offers best practices for integrating internal audit with IT security to mitigate AI risk. Those include everything from risk assessment to continuous monitoring and auditing, and from skills development to third-party management.

 

Employee Burnout Is on the Rise, According to Grant Thornton Study in the US

CAEs will have to deal with emotional stress of employees to retain their top talent.

Audit executives are looking for ways to recruit and retain team members who will be able to take the profession into the next phase of development. A new survey out of audit and assurance firm Grant Thornton sheds insight into one aspect they will have to consider: employee burnout.

The firm’s 2024 State of Work in America study, which surveyed 1,500 professionals, shows 51% of respondents report they have suffered on-the-job burnout in the past year — a number that is up 15% over the 2023 survey. About 34% said they had not experienced burnout, and 14% were neutral or unsure.

When asked what contributed to burnout at their jobs, 63% of respondents cited mental and emotional stress — up from 53% last year. Other contributors were long hours (54%, compared with 42% in 2023), shortage of workers (52%, up from 41%), work/life balance (38%, up from 28%), and inefficient processes and systems (33%, up from 30%).

Among other findings:

  • External factors such as increasing global conflicts, post-pandemic inflation, and a particularly stressful political environment can all cause stress for employees, who bring their worries into the workplace. The isolating nature of these outside stressors can be especially troubling from an employer standpoint, the study said.
  • People shortages present the most stressful factor at work, according to 40% of respondents. Among other major stressors: poor communication, 34%; unrealistic expectations, 29%; length of the workday or work week, 26%; organizational changes, 23%, work/life balance, 20%; the employee’s manager, 17%; and the commute, 14%.
  • When asked what attracted them to their jobs, respondents cited the same factors as last year, but the increased interest in compensation factors was notable. The top answer was benefits (cited by 48%, compared with 39% in 2023), followed by base pay (45% this year, up from 36%), advancement opportunities (29%, up from 24%), and job security (25%, up from 23%).