Cybersecurity

The IIA provides perspectives, insights, tools, and resources to support your needs in Cybersecurity, so use this resource page to access the latest information.

Video: Cybersecurity: Threats and Expertise Nathan Anderson, senior director of internal audit at McDonald’s, discusses the most significant cyber threats facing his organization and the types of expertise internal auditors need to address them on The IIA’s Audit Channel. Watch now.

​
Latest Articles and Blogs Garner insights and leading practices from internal audit leaders: Trusted for Technology The Rising Tide of Cyber Risk Is Cybersecurity the Next Sarbanes-Oxley? When the SEC Speaks About Cybersecurity, We'd All Better Listen Tech vs. Fraud The IT Governance Gap Heightened Focus on Security Risk Guarding Against Ransomeware The Internet of Risks Repairing the Weakest Link Auditing Cyber Resiliency CAE Action Steps in Response to Recent Cyberattacks Does Your Organization's Cyber Culture Make You #Wannaaudit? The Dark Side of the Internet of Things Principles of Cyber Oversight	Trending and Research Explore thought leadership, reports, guidance, and research: Insight That Internal Audit Brings to Cybersecurity Culture​ The Security Intelligence Center—Next Steps: Beyond Response to Anticipation Pulse Solution: Perspectives on Cyber Resilience Cyber Resilience Technology Auditing Capabilities Cyber Liability Insurance Perspectives on Cyber Resilience: Public Sector Focus Cybersecurity Auditing in the Public Sector Information Technology (IT) Security’ Internal Audit as Trusted Cyber Adviser Crisis Resilience	Guidance Leverage the Standards and guidance to effectively manage AI: IG: 2000 - Managing the Internal Audit Activity IG: 2010 - Planning IG: 2100 - Nature of Work IG: 2110 - Governance IG: 2120 - Risk Management IG: 2130 - Control GTAG: Auditing IT Governance GTAG: Assessing Cybersecurity Risks: Roles of the Three Lines of Defense GTAG: Business Continuity Management GTAG: Change and Patch Management Controls GTAG: Identity and Access Management

Attacks Test Cyber Resilience Two studies highlight threats to key systems and the need to assess the organization’s defenses. Are organizations investing more in cyberattack prevention? What are the realities vs. perceptions? How can you better anticipate these risks? Are there more effective testing techniques? This article answers key questions in managing an ever-evolving risk.

​
Resources and Services The IIA provides a variety of professional services and tools: Quality Services and Resources Audit Intelligence Suite Audit Executive Center Guidance: International Professional Practices Framework®(IPPF®) Risk Resource Exchange Blogs	Video Hear from subject matter experts the latest tips and best practices on Audit Channel: Cybersecurity: Collaborative Assurance Cybersecurity: Threats and Expertise The State of Cybersecurity: Part 1 The State of Cybersecurity: Part 2 The State of Cybersecurity: Part 3 New Security Controls to Fight Modern Threats, Pt 3 Proactively Managing the Cyber Threat Landscape, Pt 1	Conferences and Courses Strengthen your knowledge and skills through conferences and courseware: FSAC Webinar Playback: Achieving a Cybersecure Organization Cybersecurity Auditing in an Unsecure World Logical Security: Application, Database, and Operating System Layers Logical Security: The Network Layer Vision University General Audit Management ConferenceTM Governance, Risk, and Control ConferenceTM