What does 2024 have in store?

Navigating the Technology Landscape: Key Risks for Internal Audit in 2024

In today's rapidly evolving technological landscape, organizations are embracing innovative solutions to enhance efficiency, agility, and competitiveness. While these advancements bring significant benefits, they also introduce new and evolving risks that internal audit must proactively address to ensure that technology is utilized responsibly and securely.

Top Technology Risks for Internal Audit in 2024

1. Data Privacy and Protection: As organizations collect and store vast amounts of sensitive data, they must adhere to stringent data privacy regulations like GDPR. Data governance, management and quality is not new to organisations but is an area that is generating more focus from external parties, and if not managed in line with regulation, comes with hefty fines.

2. Digital Transformation and Automation: The adoption of cloud computing, artificial intelligence (AI), and robotics process automation (RPA) is transforming business operations. Organisations are investing heavily into the development of these in a bid to remain competitive. The release of ChatGPT, Google Bard and Amazon's Falcon has only increased interest in this area with organisations investigating how they can use these tools and embed them into business operations.

3. Ethical Implications of Technology: The ethical use of technology, particularly in areas like artificial intelligence, requires careful consideration. Roles and responsibilities can become clouded when a decision is being made by a machine, what if it were to make the wrong decision? Or one that does not align to an organisations risk appetite, strategy or social responsibility?

4. Cybersecurity: Cybersecurity remains a top concern for organizations, with the frequency and sophistication of cyberattacks continuing to escalate. Ransomware attacks in particular are becoming increasingly more sophisticated, and common, requiring organisations to assess current controls and adapt far quicker than before.

5. Talent Management and Reskilling: The rapid pace of technological change necessitates a focus on upskilling and reskilling not only those managing the technologies but also the internal audit function. It is key that we as auditors stay abreast of emerging technologies and adapt our skills to effectively evaluate and mitigate technology-related risks.

New and Emerging Technologies

1. Artificial Intelligence (AI) and Machine Learning (ML): As mentioned above Generative AI and ML is not science fiction anymore, organisations are focusing in on how these tools can push forward their organisations, drive efficiencies and ultimately reduce costs. With this comes new risks that management will need to identify, understand and manage.

2. Extended Reality (XR): XR technologies, such as augmented reality (AR) and virtual reality (VR), are gaining traction in various industries. Whilst you may think this is more suited to the gaming world, organisations have started looking into how these technologies can be used in areas such as training, education, early careers onboarding and marketing to name a few.

3. Quantum Computing: Quantum computing has the potential to revolutionise various industries, enabling organisations to solve complex problems at a speed and scale that was previously unimaginable. Advancements in this field is gathering interest and I am sure it will not be long before we start to see it be added to organisations technology strategies.

4. Blockchain: Take crypto out of the equation here as I know the two are often intrinsically linked. This one has been what you call a slow burn, whilst blockchain has been around for a while now, organisations are starting to use it to bring digital trust to the way they operate and effectively create a super audit trail.

In conclusion, internal auditors play a critical role in navigating the evolving technology landscape and mitigating the associated risks. By focusing on the key technology risks outlined above and embracing new and emerging technologies, internal auditors can ensure that organisations reap the benefits of technology without compromising their governance, risk management, and compliance frameworks. Upskilling and continuous learning are essential for internal auditors to adapt to the ever-changing technological landscape and effectively serve as guardians of organisational integrity.