Actualiteit

Staffing and Development for the Next Generation Cybersecurity poses a significant threat for organizations of any size. Internal audit is well-suited to play a key role in helping to manage cyber risks, but it must have the resources it needs to fulfill that role. This brief, the first in a three-part series on cybersecurity in collaboration with AuditBoard, looks at the options and strategies internal audit leaders can follow to ensure they have the talent they need to address ongoing cyber risks. As a member of the IIA, you can download the report here. 

Companies’ stakeholders from investors to citizens increasingly demand better sustainability performance and disclosures from businesses. Policymakers and regulators are also introducing new legislation on companies’ sustainability obligations and value chains. Company boards need to prepare for their enhanced sustainability obligations. This document, issued by Accountancy Europe, ecoDa and ECIIA, aims to help boards with embedding sustainability – and specifically environmental, social and governance (ESG) factors – into company strategy and business models, and to ensure that proper governance supports this. It is based on exchanges with specialists from the 3 organisations and interviews. This document is innovative in that it proposes a whole set of questions that structure the thinking of board members around sustainability and turns it from a buzzword to a concrete reality. It sets out practical questions to consider in their efforts on ESG, sustainability transition planning, delivery on sustainability objectives and limiting greenwashing risks. ESG governance: questions boards should ask to lead the sustainability transition– publication and summary.

Internal auditors and industrial/commercial companies are still looking for best practices in dealing with the risks and benefits associated with ESG. The regulation is evolving quickly and it is not just about compliance but about the business, strategy, culture, and operations that must evolve. This position paper is a clear call for Board Members and Top Management to move towards a more sustainable business with Internal Audit as a valuable partner in this journey; leveraging on the experience, the business knowledge and the role Internal Audit plays in Governance, Risk Management and Internal Controls. In industrial and commercial companies, the support of Internal Audit can vary depending on the maturity of the organisation with opportunities also for less mature companies to invest and get ready. The various roles are described and the question  “if” Internal Audit could play a fundamental role over ESG” is no longer a question Boards and Top Management should ask but rather it is more of “how” they can best benefit from this privileged view. You can download the report here. 

The Digital Operational Resilience Act (DORA) is the European Union’s (EU) strategic approach to managing systemic risk within the financial system. DORA is designed to improve the cybersecurity and operational resilience of the financial services sector (as of 2025). The paper explains the role internal auditors should play, specifically regarding third-party outsourcing. Press release You can download the full publication here.

Part 3: Internal Audit's Role in AI Ethics Amid rapid advancements in artificial intelligence (AI), concerns about ethics and related issues have prompted some to recommend a hiatus or slowdown in further development. But despite calls for temporary halts, many organizations are ramping up AI use or planning to do so. Internal auditors will clearly have an important assurance and advisory role as organizations wrestle with AI choices and their implications.  This brief, the final in a three-part AI series, addresses the ethical issues surrounding this multifaceted technology and what those issues mean to organizations and internal auditors. This brief also includes recommendations and insights from management and internal auditors already working on the frontlines of AI use. You can find part 1 here. You can find part 2 here. As a member of the IIA, you can download part 3 report here.