Internal audit can be a powerful resource for boards in addressing cyber risks.
Cybersecurity has become a permanent fixture in the modern risk landscape, and boards face increasing pressure to provide proper oversight of a threat that is multifaceted and constantly evolving. What's more, organizations are also facing new regulations that call for them to report on breaches they have experienced. Internal audit, which provides organizations with independent, objective assurance and advice, can be a powerful resource for boards in addressing cyber risks. According to a PwC report, "many companies leverage internal audit to review cyber processes and controls, including resilience and response."