Article

2019 Hot Topics for IT Internal Audit in Financial Services

An eye on the future

October 2018

We are pleased to issue our latest review of the information technology hot topics for Internal Audit functions in financial services.

The paper is informed by a survey across UK financial service organisations and our discussions over the past 12 months with Chief Internal Auditors, Heads of IT Audit and IT Audit professionals, who have openly discussed their areas of focus and the organisational challenges in relation to their firms’ technology control environment.

Whilst cyber security claimed, once again, the top spot of our list, it is interesting to see a shift of focus to cyber recoverability, incident response and resilience, as well as security considerations over new digital assets. In fact, in this year’s survey, functions seem to have “an eye on the future”, quoting for the first time topics such as artificial intelligence, robotics, DevOps. Whilst we still refer to them as ‘emerging risks’, it is not difficult to foresee a time in the near future where these become core risks impacting business as usual activities.

The paper also includes a commentary on the challenges that IT Internal Audit functions are facing, based on the results of our survey, our viewpoint on the effective IT internal audit of the future, and our perspective on its role in the continuous evolution of Internal Audit functions. The detailed viewpoints by topic reflect our analysis on how internal audit should address these areas.

We genuinely hope the paper offers insights while planting the seeds for further debate on how to improve the role of IT internal audit as a continually innovative and value-generating function.

IT Internal Audit Hot Topics for 2019, as identified through our annual survey of Heads of IT Internal Audit in the Financial Services sector

Figure 1. The size of the bubble reflects the ranking in this year’s list, while the horizontal axis shows the threat environment - internal or external to the organisation. The vertical axis classifies the topics across the spectrum of existing/known, new and emerging risks.
 

Previous reports

2018 Hot topics for IT internal audit in financial services

2017 Hot topics for IT internal audit in financial services

2016 planning priorities for internal audit in financial services

2016 Hot topics for IT internal audit in financial services

Did you find this useful?