COVID-19 has reshaped the risk landscape for chief audit executives, as they highlight IT governance to be the top risk for 2021 according to research by Gartner. A survey to identify the major risks facing boards, audit committees and executives found that a rapid shift to working from home has led organisations to jump years forward with their digital roadmaps in the space of just a few weeks.

This has spurred the rapid adoption of new technologies both on the employee and customer side, presenting new challenges to productivity, consumer preferences and guarding against security vulnerabilities. The Audit Plan Hot Spots Report revealed that IT governance is displacing data governance, which was the top entry for 2020 and is in second position for 2021.

Leslee McKnight, research director for the Gartner audit practice, said: “While the pandemic has created new challenges for audit executives to grapple with, what’s most notable is how the current environment has accelerated existing risk trends. The volatility and interconnectedness of the two most important risks – IT and data governance – also shines a light on the importance for firms to rethink their risk governance. Audit leaders should apply dynamic risk governance in order to rethink their approach to designing risk management roles and responsibilities.”

“The pandemic is forcing many audit and risk executives to address their organisation’s deficiencies in the most critical areas,” added McKnight. “Inadequate data governance and IT security practices will have even steeper consequences in the current environment than pre-pandemic, particularly when considering the types of data many organisations feel compelled to collect as a result of new health and safety measures.”

Gartner warns that CAEs need to assess how new technology adoption may be negatively impacting their IT departments’ plans, with IT support incident requests doubling in early 2020 to support a huge increase in work-from-home employees. Additionally, managing access rights for many more remote workers presents new risks such as ‘privileged user abuse’, which is expected to climb over the next 12 to 24 months according to a Gartner IT executive survey.

Gartner creates its annual Audit Plan Hot Spots report by combining input from interviews and surveys from across its global network of client organisations and experts.

Share Story: