IT audit and IT risk
IT security is fundamental to achieving business objectives—which means that understanding and managing IT risk is also fundamental to achieving business objectives.
IT Audit
My cyber confession
Should we give up auditing information security and the management of cyber risk? Not at all. But we should do so with eyes wide open. We should recognize the limitations of our knowledge, tools and techniques and the likelihood that hackers have new techniques that are unknown both to auditors and management.
Information security guidance
According to Deloitte, IT now plays many fundamental and highly beneficial roles in businesses, including:
