Cyber risk was the most commonly cited threat by heads of internal audit across Europe regardless of nationality or business sector, according to a new report written by some members of ECIIA.
The EU’s General Data Protection Regulation and the broader challenge of managing data came second in the survey Risk in focus: hot topics for internal audit 2018. The pace of innovation businesses face was the third most widely cited risk concern.
“The defining theme of this report is the fundamental impact that technology has in shaping, enabling and disrupting organisations’ operations and strategies,” Farid Aractingi, ECIIA President said. “This is a pressure that requires internal auditors to learn new skills and adopt innovative tools to bolster their capabilities in an increasingly digital world.”
The report’s research team interviewed chief audit executives (CAEs) from major organisations in six European countries – France, Italy, the Netherlands, Spain, Switzerland and the UK.
Not surprisingly there were some regional differences. CAEs in the UK and Spain said that political uncertainty could expose their organisations to fresh threats and opportunities. In the UK, these views were largely prompted by the prospect of Brexit; in Spain they arose within multinational businesses having expanded into Mexico and the implications of the Trump administration’s hostile position towards the country.
Those in the financial services sector showed more concern over regulatory complexity than any other industry. Notably, for CAEs at institutions in France, Italy, the Netherlands and Spain the continuing development of the European Central Bank’s three-year old Single Supervisory Mechanism was cited as a risk.
For much more, read Risk in focus: hot topics for internal audit 2018