Audit chiefs flag IT governance as top risk for 2021

COVID-19 has reshaped the risk landscape for chief audit executives, as they highlight IT governance to be the top risk for 2021 according to research by Gartner. A survey to identify the major risks facing boards, audit committees and executives found that a rapid shift to working from home has led organisations to jump years forward with their digital roadmaps in the space of just a few weeks.

This has spurred the rapid adoption of new technologies both on the employee and customer side, presenting new challenges to productivity, consumer preferences and guarding against security vulnerabilities. The Audit Plan Hot Spots Report revealed that IT governance is displacing data governance, which was the top entry for 2020 and is in second position for 2021.

Leslee McKnight, research director for the Gartner audit practice, said: “While the pandemic has created new challenges for audit executives to grapple with, what’s most notable is how the current environment has accelerated existing risk trends. The volatility and interconnectedness of the two most important risks – IT and data governance – also shines a light on the importance for firms to rethink their risk governance. Audit leaders should apply dynamic risk governance in order to rethink their approach to designing risk management roles and responsibilities.”

“The pandemic is forcing many audit and risk executives to address their organisation’s deficiencies in the most critical areas,” added McKnight. “Inadequate data governance and IT security practices will have even steeper consequences in the current environment than pre-pandemic, particularly when considering the types of data many organisations feel compelled to collect as a result of new health and safety measures.”

Gartner warns that CAEs need to assess how new technology adoption may be negatively impacting their IT departments’ plans, with IT support incident requests doubling in early 2020 to support a huge increase in work-from-home employees. Additionally, managing access rights for many more remote workers presents new risks such as ‘privileged user abuse’, which is expected to climb over the next 12 to 24 months according to a Gartner IT executive survey.

Gartner creates its annual Audit Plan Hot Spots report by combining input from interviews and surveys from across its global network of client organisations and experts.

    Share Story:

Recent Stories


Are property insurers ready for timber
The Structural Timber Association is gearing up to help all stakeholders in the construction supply chain to fully appreciate the advantages of building in timber, how to deliver such projects and most importantly to understand and manage the risks.

The changing face of BC and WAR
The working environment has changed quite dramatically for many over the last six months. With social distancing and the rise of homeworking, it is not just how businesses operate that has changed, but also how they recover. In this podcast we discuss some of the challenges created by the quick shift to home working, why the office may not have seen its last days and how the current environment can impact the ability of a business to recover.