Page 54 - ITGC_Audit Guides
P. 54
Systems being compromised and taken over by bad actors.
Potential for malware to be embedded in learning engines, which could skew the results of
machine learning and potentially impact processes.
Internet of Things (IoT)
Growing pressure to increase the efficiency and quality of operational processing continues to
drive efforts to advance digitalization and automation. From these efforts, the internet of things
(Figure 20, sometimes referred to as “connected devices”) has emerged, which extends internet
connectivity into physical devices and everyday objects, such as TVs, wristwatches, refrigerators,
doorbells, thermostats, cars, and so many more.
Figure 20: Internet of Things
Connected Devices
Source: The Institute of Internal Auditors.
While devices communicate and interact with each other over the internet, they can be monitored
and controlled remotely. The ability of machines and systems to interface and exchange
information without human intervention expedites efforts around digitalization and automation.
Alongside the perceived significant benefits, challenges will inherently arise due to the rapid pace
of change. From a risk perspective, due to the sheer prevalence of devices and their connectivity,
the underlying security component is imperative. Organizations must have an understanding of all
connected devices, both company-owned and employee-owned, and understand the unique risks
associated with each.
Challenges for Additional and Emerging IT Topics
Technologies are emerging and evolving faster than ever. Regardless of an organization’s
maturity level using the technologies reviewed in this section, internal audit’s knowledge of them
46 — theiia.org
