Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Where Internal Audit Can Help in Cyber-Security

Tammy Whitehouse | February 24, 2015

With yet another potentially catastrophic data breach hitting Corporate America—add insurance giant Anthem to the list of recent victims—internal audit departments are trying to pinpoint what expertise they can bring to the company’s cyber-security risk assessment, and where they might need to rely on more technical help.

The good news, such that it is: There is plenty of work to do no matter what.

“There is so much technical nuance to cyber-security; when people hear terms like firewalls, domains, vulnerability testing, and segmented networks, a lot of internal auditors become intimidated,” says Tom O’Reilly, director of internal audit at Analog Devices. Even executive management and audit committees may wonder whether internal audit is up to the task of assessing a company’s vulnerability to a cyber-breach and readiness to address one when it occurs.


Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.