Chapter 1 – Cybersecurity is (Not) an IT Issue
Chapter 2 – Effective Cybersecurity Principles for Boards of Directors
Chapter 3 – Structuring for the Digital Age
Chapter 4 – A Modern Approach to Assessing Cyber Risk
Chapter 5 – The Role of HR Functions in Scaling Cybersecurity and Building Trust
Chapter 6 – Cybersecurity and the Office of the General Counsel
Chapter 7 – Cybersecurity Audit and Compliance Considerations
Chapter 8 – Cyber Supply Chain and Third-Party Risk Management
Chapter 9 – Technical Operations
Chapter 10 – Crisis Management
Chapter 11 – Cybersecurity Considerations During M&A Phases
Chapter 12 – Developing Relationships with the Cybersecurity Team
The role of audit and compliance in cybersecurity needs to evolve to effectively address the concerns arising from the evolution of technology and the threats to it. The compliance regime is going through rapid changes with the increasing quantity and complexity of cyber risks. Global emphasis on data and privacy protection requires enterprises to allocate substantial budget toward meeting compliance requirements and keeping an eye on the changed regulations and risks of non-compliance. However, it is crucial that compliance does not become the security standard of organizations.
More extensive effort must be put into addressing security at the enterprise level. Internal and external audit needs to provide insights on risk areas across the enterprise by shifting away from traditional approaches. To do so, audit needs to engage with other functions in the enterprise to align its activity with the business objectives of the organization and take part in strategic project practice to acquire better understanding of the innovative technologies and methods being introduced to organizations. The audit and compliance organizations may experience substantial change with the introduction of advanced technologies. These are projected to increase efficiency and effectiveness through automation and deep learning processes but will certainly add more risk factors to be considered and managed. At the end, audit and compliance requirements are set to support organizations in achieving business objectives and promote growth while maintaining appropriate compliance. With proper assessment and management more fitted for the evolving market, audit and compliance will play a value-added role in achieving enhanced cybersecurity for organizations.
Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity
| 703-907-7090
| admin@isalliance.org
| 2500 Wilson Blvd, #245
Arlington, Virginia 22201
USA
ISA provides cybersecurity expert testimony and thought leadership in government and serves as an expert witness to the press.