chief audit execs speak out: cybersecurity & risk management


Upload: grant-thornton-llp

Post on 05-Aug-2015

Category:

Business


TRANSCRIPT

Page 1: Chief Audit Execs speak out: Cybersecurity & risk management

Cybersecurity: Suggested actions

Where are the risks?

Where can internal audit add the most value?

Financial services CAEs see room for improvement when it comes to their risk management functions.

CAEs speak out: Cybersecurity seen as key threat to growth

For more information, read the report at grantthornton.com/fs-cae-survey

continue to require improvements

ineffectively used or they’ve yet to implement one

rigorously enforced and used comprehensively

business continuity

25%

62%

15%

23%

fraud/anti-corruption

20%

data privacy and security (including cybersecurity)

71%

third parties and vendors

34%

regulatory risks

38%

Prepare for potential attacks and regularly test preparations.

Address exposures stemming from third-party and vendor relationships.

Focus on people and processes, in addition to technological solutions.

Shore up cyberrisk exposures by utilizing key resources (e.g., EO 13636 and NIST supporting standards, FBI’s InfraGard, U.S. Computer Emergency Readiness Team, U.S. Secret Service Electronic Crimes Task Force).

Be alert to warning signals and identify potential vulnerabilities across the entire business “ecosystem.”

Ensure boards and senior management focus attention on cyberrisks, including understanding inherent cybersecurity risks, as outlined by the Federal Financial Institutions Examination Council (FFIEC).

Chief audit executives (CAEs): Management and board priorities (according to CAEs):

Identifying improvement opportunities

Increased efficiency

Mitigating risk/stronger corporate governance

Mitigating risk

Identifying improvement opportunities

Stronger compliance efforts in other areas

1 1

2 2

3 3

“Grant Thornton” refers to Grant Thornton LLP, the U.S. member firm of Grant Thornton International Ltd (GTIL). GTIL and its member firms are not a worldwide partnership. All member firms are individual legal entities separate from GTIL. Services are delivered by the member firms. GTIL does not provide services to clients. GTIL and its member firms are not agents of, and do not obligate, one another and are not liable for one another’s acts or omissions. Please visit grantthornton.com for details.

© 2015 Grant Thornton LLP | All rights reserved | U.S. member firm of Grant Thornton International Ltd