Collaboration is the new competition

We become stronger when we collaborate! On Friday, May 26, 2023, I was invited and had the privilege to participate in the ISACA Chapters & the Institute of Internal Auditors (IIA) joint webinar as a panelist together with other professionals to mark the 2023 International Internal Audit Awareness Month.

The theme of the event was: Auditing and Emerging Technology - Facing New Age Challenges.

Panelists included; Veronica Rose, CISA, CDPSE , Kenneth Palliam , Ramona Ratiu- MS, CISA, CISM, GSTRT, GCCC , IME UDOKO , Ambrose Enuma , and Innocent Panni .

Special thanks to the organizing committee and moderators including; Emmanuel Omoke , CISA, CISM, CRISC President Abuja chapter, Rita Kobusinge- CISA,CDPSE , Wole Davis , and Pascaline UMUHIRE

This was an event of a kind and it affirmed that collaboration is a new competition. The event was attended by 420+ professionals across the globe and All attendees earned 4 CPE Hours

Below are the key takeaways:

• Get certified i.e. CISA, CIA, etc.
• Join professional bodies i.e. ISACA, IIA, etc.
• Know which data points to provide insights and oversight on.
• Assess risk exposures from third parties continuously.
• Auditors are the eyes and ears of management
• The audit function is not the end but a means to achieve business objectives
• Every company is a reachable target for cyber attacks, it's just a matter of time.
• Watch the movie called Terminator - for cyber enthusiasts
• A cyber resilience culture is essential in every organization.
• We need to reboot our cyber tactics
• Slow down and cover the basics
• Not everything needs to turn into an audit.
• Communicate with stakeholders and give them high-level expectations.
• Have joint problem-solving initiatives
• Actively involve and collaborate on cyber risk assessment
• Foster trust, transparency, and feedback
• Invite stakeholders to the tabletop exercises
• Encrypt audit reports that contain sensitive information
• Train your teams continuously
• Allocate liaisons between cyber and auditors
• Observe interactions between departments
• Incorporate fresh practice into best practices.
• Introducing new technologies comes with new risks, particularly around cybersecurity and data privacy and it is critical for organizations to balance innovation with privacy and security to mitigate the risks.
• Ensure the protection of sensitive information, the first step is to carry out a risk assessment on the audit client prior to the start of the engagement, this helps you keep your reputation.
• Auditors should seek guidance from your digital trust officers or data privacy officers to guide the process of protecting sensitive information.
• Auditors in general need an understanding of what they are auditing.
• Training should be prioritized and awareness for all stakeholders on an audit engagement.
• Auditors must also be aware of the applicable laws (GDPR, information misuse acts, HIPPA, DPA) in the respective regions, and regulatory requirements related to sensitive information.
• Also during contracting, auditors need to honor contractual obligations e.g. sign off Non-disclosure agreements/confidentiality agreements and have clauses like the return of information after the closure of an engagement or termination of the contract.
• Have Access control policies in place where information is shared on a need-to-know basis and access recertification reviews be done regularly.
• Be conscious of whom you share information about a particular audit project. Educate clients and also advise them to educate their service providers about audits in general.
• Confidentiality is a chain of responsibilities.

Sample feedback from attendees

https://www.dhirubhai.net/feed/update/urn:li:activity:7067060015290867712?updateEntityUrn=urn%3Ali%3Afs_feedUpdate%3A%28V2%2Curn%3Ali%3Aactivity%3A7067060015290867712%29