Cyber risk assessment during an internal audit

Are you confident that your IT systems are robust enough for today’s business world?

With the continued cyber attacks hitting the headlines and also bearing in mind GDPR came into force early last year, it has never been more important to improve your cyber security.

The statistics

The UK’s ‘Cyber Security Breaches Survey 2018’ found that 43% of businesses have experienced security breaches or attacks in the last 12 months. The average (mean) cost of breaches with financial outcomes is £3,100 for small businesses and £1,030 for charities. This is much higher for medium businesses (£16,100) and large businesses (£22,300).

Cyber security awareness

Cyber Security starts with the board and senior management setting a clear strategy that supports and protects the organisations objectives. Although we are seeing improved awareness and knowledge of cyber security on the boards of companies, there is still room for improvement. Cyber risk can often be an item on a risk register that is maybe reviewed once a year, however the board may lack awareness or expertise to make effective decisions to reduce cyber risk.

As a result it is important that cyber security risk is high on the agenda for all businesses, large and small. Cyber security is constantly evolving and therefore managing and keeping up to date with cyber risks can prove difficult.

cyber risk assessment during an internal audit
How we can help you

We have an experienced team in providing internal audit services. This provides businesses with an independent assessment of their current controls in place within the business. Following a full audit of areas of concern, we provide a concise report to the audit committee and the board of our findings. These include any weaknesses we find with recommendations as to how the business can strengthen their internal controls.

Each internal audit is different

The scope of our internal audit is tailored for each business to prioritise the risk areas that are most prevalent. As more and more technology is used, one of these areas is usually related to cyber security. However, the scope can also include other areas such as the finance function, corporate governance and GDPR.

For more information

For more information on our cyber risk assessments, please contact either:
Jonathan Vickery or Tim Glover, or call us on:

01483 416232