Actualiteit

This is the second of a three-part series on the evolving ESG risk arena and internal audit's roles and responsibilities. The ESG Risk Landscape Part 2: Implementation, Reporting, and Internal Audit's Role The need for independent assurance on the design and efficacy of ESG-related processes and controls will soon be essential to the work of internal audit. As such, internal auditors should be prepared to act confidently and authoritatively in support of their organizations' ESG efforts. In Part 2 of this series we examine implementation, reporting and internal audit's role. You can find part 1 here. You can find part 3 here. This is for members only. To access it and other valuable resources, become a member today.

The Internal Audit Foundation has released a new report in collaboration with Crowe: Privacy and Data Protection, Part 2: Internal Auditors’ Views on Risks, Responsibilities, and Opportunities. This second report in a three-part series reveals a number of potentially valuable opportunities for internal auditors to take an earlier, proactive role in helping to recognize, manage, and mitigate these risks, while still fulfilling their role as defined by the International Professional Practices Framework. Detailed examination of the results provided a number of insights that internal audit professionals can use to reflect on their own organizations’ preparedness and effectiveness in managing risks associated with privacy and data protection. Key takeaways include: Data privacy roles and responsibilities Data privacy as a material risk Internal auditors’ views of program effectiveness Internal auditors’ most critical concerns How internal auditors can add value

Understanding ESG Reporting Standards in 2022 and Beyond This knowledge brief discusses the major frameworks being used to manage ESG risk, along with regulatory concerns and reporting initiatives. The intent is to offer practitioners perspective on the eSG landscape and provide a roadmap for internal auditors as they solidify their role in their organizations' ESG journeys. You can find part 2 here. You can find part 3 here. This is for members only. To access it and other valuable resources, become a member today.

This new report, "Prioritizing ESG: Exploring Internal Audit's Role as a Critical Collaborator," by the Internal Audit Foundation, The IIA, and Ernst & Young LLP (EY) reveals how internal audit functions are currently involved in their organization's ESG efforts, current barriers within their organization that may hinder this involvement, and ways to move forward given impending regulations.

Internal auditors need to understand common technologies that enable remote work, the significant risks arising from remote access, and standard controls that prevent, detect, or remediate unauthorized access or sharing of information. The COVID-19 pandemic prompted a significant increase in those working from home and the resultant risks relating to a mobile or remote workforce. This guide supersedes the Global Technology Audit Guide (GTAG), "Auditing Smart Devices," and broadens the scope to focus on a wider range of risks and controls related to a mobile workforce. This guidance will enable internal auditors to: Define mobile computing hardware, software, and communication tools. Understand risks and opportunities associated with mobile computing. Understand components of remote access processes and related security controls. Understand the basics of auditing mobile computing, including specific controls that should be evaluated. This is for members only. To access it and other valuable resources, become a member today.