A joint Protiviti /ISACA webinar (Today’s Top Technology Challenges and the Relationship to the Audit Plan) discussed the results of the latest IT Audit Benchmarking Study from ISACA and Protiviti. One of the top findings that I found interesting and promising is that CAEs are now more involved in the management and leadership of IT Audits.
The survey report indicates that:
“ a small but increasing number of IT audit leaders are reporting directly to the CEO. In these instances, it is possible that the CAE is serving as the IT audit director, which is a positive trend as it provides the IT audit function and responsibilities with greater visibility and stature. It also is a logical progression given how more organizations have become increasingly technology-dependent, driving the need for the technology-savvy CAE to also serve as IT audit director. More CAEs are now assuming this role, which can be advantageous because, among other reasons, skilled and experienced IT audit directors are hard to find.”
The report also mentions that:
“Overall, with more organizations and internal audit groups becoming increasingly technology-centric, it is a natural progression for CAEs to assume IT audit leadership roles.”
Another encouraging sign is shown in this paragraph of the report:
“We also find that in cases where the IT audit director is not attending audit committee meetings regularly, the CAE usually has sufficient knowledge to discuss IT audit matters with the committee.”
Does the above reflect a continuous trend? Only time will tell!
A couple of years ago, I suggested that The IIA & ISACA merge! I still believe it makes sense and it would certainly add flavor to both institutions!
These are my thoughts, please share yours!