(024) 7460024 Ext 112 spi@undip.ac.id

Changes in the strategic environment require the role of internal auditors to adapt quickly in implementing efficient and effective business processes. Systematic business processes and objective analysis can be applied for effectiveness, efficiency, and performance optimization.

Company data turns into digital data that is used to store, access, and retrieve important information. Protection of information and data is no longer a priority but has become a necessity for most companies and government agencies around the world.

There are several definitions of cyber threats including:

1. Data breach is the breach of sensitive and protected or confidential data resulting from hacking activities that are used or stolen by unauthorized parties.
2. Cybercriminals are computer-based activities or computer networks used for criminal purposes. Hackers usually use this data information to blackmail victims to get some money.
3. Cyber ​​Attacks are activities aimed at disrupting the security, integrity, and availability of information.


Role of Internal Audit in Cybersecurity

There are five focus areas for internal audit to contribute to minimizing cybercrime, namely:

  1. Safeguards

    Internal audit provides a comprehensive approach to identifying organizational vulnerabilities. Testing with the bring-your-own-device (BYOD) method or checking contracts with third parties for compliance with security protocols, internal auditing provides valuable safeguards knowledge. Having effective IT governance is also important, and internal audits can provide safeguards for these areas.

  2. Detection

    Effective and efficient data analysis can provide an early alarm that something is not right. Internal audit can also compile data analysis and other technologies in its detection activities.

  3. Sustainable business processes

    Proper planning to address and address some risk scenarios that could affect the organization’s ongoing operations, including cyberattacks, natural disasters, or succession.

  4. Crisis Management or Communication

    Preparedness in crisis management and crisis communication can have a significant and positive impact on the impact and reputation of an organization. Internal audit supports the development of plans, assures verification of effectiveness and timeliness, and ultimately provides results of analysis of the implemented plans.

  5. Continuous improvement

    Internal audits can have a positive impact by contributing to a broad scope. Cyber ​​preparedness can be assumed for continuous cyberattacks. But there is no point if the organization does not improve and improve cybersecurity vulnerabilities to be better prepared for the next attack.