Managing security and privacy for an organization is not an IT issue—it is a business issue requiring a comprehensive, risk-based approach to manage. Because of the risk and impact to the internal control environment, information security risk is an absolute must when outlining topics to address in the audit risk assessment and audit planning process.
Over the last year, we've seen unemployment rates decrease and consumer confidence make a comeback, but that doesn't mean that business risks have evaporated. In fact, as the global business environment rapidly evolves, new opportunities and challenges present themselves, bringing new risk dialogue topics to boardrooms and executive offices around the world.
No matter your industry or business model, privacy and security are going to be a top concern of your customers and stakeholders.Striking that balance between user experience, marketing viability and data sensitivity might be the most difficult task a company will face in 2013. In an effort to ensure privacy and data security many companies will perform systematic IT audits. This allows the company to verify that proper controls are in place and also provide documentation of those controls for outside agencies.
If your company is doing a Privacy and Data Sensitivity Audit, get a head start on the reporting!
Add a Comment: