IIA-Australia Factsheet - Cybersecurity Topical Requirement
This is a members only resource. Please login to access.
Author | IIA-Australia |
Date | 2025 |
Topics Explored | Internal Audit |
Format | Factsheet |
Extract/Description | Topical Requirements are a mandatory component of the IPPF. They are designed to enhance the consistency and quality of internal audit services related to specific audit subjects and to support internal auditors performing engagements in those risk areas. Internal auditors must conform with the relevant requirements when the scope of an engagement includes one of the identified topics. This Factsheet discusses the Topical Requirements in general and focuses on the first one to be released: Cybersecurity. |
Key Points | 1. Topical Requirements are applicable for assurance engagements when it comes to three main scenarios. Applicability of the Topical Requirement needs to be clearly documented. 2. The first Topical Requirement covering cybersecurity underwent a period of public review in 2024 and was released in final version during February 2025. It will be effective 12 months after its release date. 3. The Cybersecurity Topical Requirement includes key aspects of cybersecurity management across governance, risk management and control processes.
|
Relevant Industries | All |
Level of Assumed Knowledge | Beginner |
Aligned to Global Internal Audit Standards | Yes |