The risks arising out of corporate information that lives in technology platforms was recently discussed during a joint educational event organized by the local Chapter of ISACA and the Malta Forum for Internal Auditors (MFIA) for experienced Audit Committee members, senior corporate executives, Auditors and Information Systems Auditors.
As part of its drive to raise awareness on the risks related to inadequate information systems, ISACA Malta Chapter – formerly known as the Information Systems Audit and Control Association – partnered with MFIA to deliver a presentation entitled “IT Risk: Challenges for Audit Committees” by Mr. Martin Douglas, a Ph.D. Researcher at Canfield School of Management.
Audit Committees traditionally do not hail from an IT background and as information technology continues to reshape corporate practices, audit committee members are increasingly faced with the security challenges brought about by huge volumes of corporate and client information created, managed, and communicated through IT systems, possibly over a long timespan.
The purpose of this event was to help existing and prospective audit committee members to accept this reality as a state-of-fact and to help them identify, understand and address the challenges associated with the ever-changing IT risk landscape.
Mr Douglas delved into the role of audit committee members who need to place the right questions to information systems audit experts about corporate IT security, sometimes across disparate IT systems within a single entity. The skill lies in tracing long and complicated sequences of electronic events and transactions, possibly happening through different technologies, hardware, across different organizations, and in various physical locations. Audit Committees are mandated by Law to provide oversight, to take responsibility with Regulators, and to make institutional submissions vouching for many months of management and technical actions, both those provided internally and those sourced from different IT providers.
The presentation by Mr Douglas diffused some of the apparent, sometimes real difficulty, of this responsibility and suggested approaches to de-mystify this seemingly combination of art and science.
Other presentations were delivered by Mr Nigel Curmi, Chief Information Officer, GO, and Mr Frederick Mifsud Bonnici, a seasoned Audit Committee member, experienced Auditor, former Chairman of the Malta Stock Exchange and Bank of Valletta plc and a Director of Middlesea Insurance plc. At present, he is a Director of Malita Investments plc.
The ISACA Malta Chapter will be hosting its Annual Networking Event on Tuesday, 16th July at 7pm at the Radisson Blu Resort, St Julians.