Vaktechnische Publicaties

The Internal Audit Foundation has released a new report in collaboration with Crowe: Privacy and Data Protection, Part 2: Internal Auditors’ Views on Risks, Responsibilities, and Opportunities. This second report in a three-part series reveals a number of potentially valuable opportunities for internal auditors to take an earlier, proactive role in helping to recognize, manage, and mitigate these risks, while still fulfilling their role as defined by the International Professional Practices Framework. Detailed examination of the results provided a number of insights that internal audit professionals can use to reflect on their own organizations’ preparedness and effectiveness in managing risks associated with privacy and data protection. Key takeaways include: Data privacy roles and responsibilities Data privacy as a material risk Internal auditors’ views of program effectiveness Internal auditors’ most critical concerns How internal auditors can add value

This new report, "Prioritizing ESG: Exploring Internal Audit's Role as a Critical Collaborator," by the Internal Audit Foundation, The IIA, and Ernst & Young LLP (EY) reveals how internal audit functions are currently involved in their organization's ESG efforts, current barriers within their organization that may hinder this involvement, and ways to move forward given impending regulations.

Understanding ESG Reporting Standards in 2022 and Beyond This knowledge brief discusses the major frameworks being used to manage ESG risk, along with regulatory concerns and reporting initiatives. The intent is to offer practitioners perspective on the eSG landscape and provide a roadmap for internal auditors as they solidify their role in their organizations' ESG journeys. You can find part 2 here. You can find part 3 here. This is for members only. To access it and other valuable resources, become a member today.

Internal auditors need to understand common technologies that enable remote work, the significant risks arising from remote access, and standard controls that prevent, detect, or remediate unauthorized access or sharing of information. The COVID-19 pandemic prompted a significant increase in those working from home and the resultant risks relating to a mobile or remote workforce. This guide supersedes the Global Technology Audit Guide (GTAG), "Auditing Smart Devices," and broadens the scope to focus on a wider range of risks and controls related to a mobile workforce. This guidance will enable internal auditors to: Define mobile computing hardware, software, and communication tools. Understand risks and opportunities associated with mobile computing. Understand components of remote access processes and related security controls. Understand the basics of auditing mobile computing, including specific controls that should be evaluated. This is for members only. To access it and other valuable resources, become a member today.

The IIA’s new Global Perspectives & Insights, “Internal audit and compliance: Clarity and collaboration for stronger governance,” explains why a clear understanding of roles is critical to effective compliance and independent assurance. The report includes analysis on applying the Three Lines Model’s Six Principles and practical illustrations from practitioners. Download now to review the top four key takeaways.