Rising perils amid a plethora of platform choices has been saved
Perspectives
Rising perils amid a plethora of platform choices
The risks that should be on internal audit’s radar
With various modern software development methodologies available to meet and scale their business vision, platform companies are spoiled for choice. However, this variety of options tasks internal audit (IA) teams with the critical responsibility of rethinking the risk considerations surrounding their in-scope processes to mitigate technology-related risks.
Are choices for platform companies concerns for IA?
“Platform company” describes businesses facilitating exchanges between interdependent groups, typically consumers and producers. These are the social media, content, payment, and other exchange platforms. Platform companies frequently leverage one or a combination of modern software development methodologies (Agile, DevOps, Continuous Integration/Continuous Delivery, etc.) to meet and scale their business vision rapidly.
As more open-source tooling options are made available, engineers frequently use various customizable tools to develop their in-house built platforms. This inherently creates dispersed and complex processes in a controlled environment and introduces new risks not previously considered. Due to the variety of development methodologies available to the developers of in-house built platforms, IA departments will need to reexamine their risk considerations surrounding their in-scope processes, specifically identifying proper general technology controls to mitigate technology-related risks.
Types of platform risks
Conclusion
With the widespread adoption of modern-day software development methodologies and companies building their own different platforms to operate their businesses, IA departments will need to equip themselves with new skills to uncover the core risks that require mitigation properly. Without a strong understanding of these rapidly changing technologies, internal auditors run the risk of not being broad enough in their inquiries to uncover many avenues of potential risks in the established processes.
Authors
|
|
|
Recommendations
Internal Audit perspectives
Your one-stop shop for all things IA
Internal Audit 4.0: Megatrends reshaping the IA framework
Purpose-driven and digitally powered IA function of the future