Through a cyber security lens



Similar documents
Foreign Taxes Paid and Foreign Source Income INTECH Global Income Managed Volatility Fund

Consumer Credit Worldwide at year end 2012

SUPPLEMENTAL EXECUTIVE RETIREMENT PLANS IN CANADA

BT Premium Event Call and Web Rate Card

The big pay turnaround: Eurozone recovering, emerging markets falter in 2015

2015 Country RepTrak The World s Most Reputable Countries

OCTOBER Russell-Parametric Cross-Sectional Volatility (CrossVol ) Indexes Construction and Methodology

USAGE OF METRICS AND ANALYTICS IN EMEA MOVING UP THE MATURITY CURVE

How To Get A New Phone System For Your Business

MERCER S COMPENSATION ANALYSIS AND REVIEW SYSTEM AN ONLINE TOOL DESIGNED TO TAKE THE WORK OUT OF YOUR COMPENSATION REVIEW PROCESS

The value of accredited certification

Lawson Business Intelligence. Solutions for Healthcare

International Financial Reporting Standards

MAUVE GROUP GLOBAL EMPLOYMENT SOLUTIONS PORTFOLIO

Global Corporate Capital Flows, 2008/9 to 2013/14

Appendix 1: Full Country Rankings

The Borderless Workforce Australia and New Zealand Research Results

A Nielsen Report Global Trust in Advertising and Brand Messages. April 2012

Global Dynamism Index (GDI) 2013 summary report. Model developed by the Economist Intelligence Unit (EIU)

GLOBAL DATA CENTER INVESTMENT 2013

World Consumer Income and Expenditure Patterns

Four steps to improving cloud security and compliance

Global Economic Briefing: Global Inflation

Motion Graphic Design Census. 10 hrs. motiongraphicdesigncensus.org. 9 hrs.

Fujitsu World Tour Human Centric Innovation. The Future of the Datacenter. Ayman Abouseif VP Product Marketing. 0 Copyright 2015 FUJITSU

2012 Country RepTrak Topline Report

best practice guide Moving Exchange to the Cloud: 5 Really Practical Best Practices

CNE Progress Chart (CNE Certification Requirements and Test Numbers) (updated 18 October 2000)

Project Management Salary Survey Seventh Edition Project Management Institute Newtown Square, Pennsylvania, USA

Project Management Salary Survey Ninth Edition Project Management Institute Newtown Square, Pennsylvania, USA

CHICAGO STOCK EXCHANGE, INC. MARKET REGULATION DEPARTMENT INFORMATION CIRCULAR. RE: ishares CURRENCY HEDGED MSCI ETFS TO BEGIN TRADING ON CHX

Reporting practices for domestic and total debt securities

FTSE All-World ex Fossil Fuels Index Series

E-Seminar. Financial Management Internet Business Solution Seminar

Employer Perspectives on Social Networking: Global Key Findings

Corporate Office Von Karman Ave Suite 150 Irvine, California Toll Free: Fax:

Global Investment Trends Survey May A study into global investment trends and saver intentions in 2015

Digital vs Traditional Media Consumption

CISCO METRO ETHERNET SERVICES AND SUPPORT

Lawson Talent Management

2015 Growth in data center employment continues but the workforce is changing

International Equity Investment Options for 401(k) Plans

GLOBAL DATA CENTER SPACE 2013

Global Effective Tax Rates

Sybase Solutions for Healthcare Adapting to an Evolving Business and Regulatory Environment

Global payments trends: Challenges amid rebounding revenues

Global AML Resource Map Over 2000 AML professionals

How do you manage the brain of the business in a way that supports the opportunities your organisation wants to take advantage of?

FTSE Global Small Cap Index

AVOIDING BUSINESS RISK: THE HIDDEN BENEFIT OF SOFTWARE AS A SERVICE

Foods With Healthy Supplements and Organics Have Room for Growth

Know the Facts. Aon Hewitt Country Profiles can help: Support a decision to establish or not establish operations in a specific country.

Configuring DHCP for ShoreTel IP Phones

THE BLEISURE REPORT 2014 BRIDGESTREET.COM

7 Seven. Leadership Development Trends

DATA LOSS BAROMETER. A global insight into lost and stolen information

Responding to Healthcare s Most Urgent Business Issues. Gundersen Lutheran Health System Case Study

AACSB International Accreditation and Joint Programs

THE CISCO CRM COMMUNICATIONS CONNECTOR GIVES EMPLOYEES SECURE, RELIABLE, AND CONVENIENT ACCESS TO CUSTOMER INFORMATION

opinion piece IT Security and Compliance: They can Live Happily Ever After

IOOF QuantPlus. International Equities Portfolio NZD. Quarterly update

ENDOWMENT & FOUNDATION GOVERNANCE: FIDUCIARY OVERSIGHT AND IMPLEMENTATION MAY 2013

Trends in Digitally-Enabled Trade in Services. by Maria Borga and Jennifer Koncz-Bruner

CISCO MDS 9000 FAMILY PERFORMANCE MANAGEMENT

ISO 9001:2015 QUALITY MANAGEMENT SYSTEMS AUDITOR/LEAD AUDITOR

Cisco Blended Agent: Bringing Call Blending Capability to Your Enterprise

Investing in the United States Tazeem Pasha

October Trust in Advertising. a global Nielsen

CISCO IP PHONE SERVICES SOFTWARE DEVELOPMENT KIT (SDK)

Axioma Risk Monitor Global Developed Markets 29 June 2016

United Kingdom Internet Security Threat Profile

Supported Payment Methods

Performance 2015: Global Stock Markets

GLOBAL LEADERSHIP DEVELOPMENT EXECUTIVE SUMMARY

Supported Payment Methods

BANK FOR INTERNATIONAL SETTLEMENTS P.O. BOX, 4002 BASLE, SWITZERLAND

Global Retirement Indexes Illustrate Widespread Employee Benefit System Challenges

Avoiding The Hidden Costs

Student Finance and Accessibility in an International Comparative Perspective

Schedule R Teleconferencing Service

Avoiding The Hidden Costs. of the Cloud

BROWN BROTHERS HARRIMAN (LUXEMBOURG) S.C.A. Wells Fargo (Lux) Worldwide Fund

Hybrid Wide-Area Network Application-centric, agile and end-to-end

NetFlow Feature Acceleration

GE Grid Solutions. Providing solutions that keep the world energized Press Conference Call Presentation November 12, Imagination at work.

The Case for International Fixed Income

360 o View of. Global Immigration

relating to household s disposable income. A Gini Coefficient of zero indicates

Global Long-Term Incentives: Trends and Predictions Results from the 2013 iquantic Global Long-Term Incentive Practices Survey

STATE OF THE DATA CENTER SURVEY GLOBAL RESULTS

Cisco CNS NetFlow Collection Engine Version 4.0

Governance, Risk and Compliance Assessment

Global Pharmaceuticals Marketing Channel Reference EDITION

opinion piece Eight Simple Steps to Effective Software Asset Management

MULTI-ASSET STRATEGIES REDEFINING THE UNIVERSE APRIL 2014

July Figure 1. 1 The index is set to 100 in House prices are deflated by country CPIs in most cases.

Crisis and issues management

GfK PURCHASING POWER INTERNATIONAL

SEPTEMBER 2012 TALENT ASSESSMENT IN M&A THE PEOPLE FACTOR

The rise of the cross-border transaction. Grant Thornton International Business Report 2013

Transcription:

Through a cyber security lens 2015 Global Audit Survey kpmg.com

What the 2015 survey tells us Short of a crisis, the issues on the audit committee s radar don t change dramatically from year to year (and they probably shouldn t); but sometimes small shifts tell a big story. In KPMG International s 2015 Global Audit Survey, it comes as little surprise to see four key concerns carried over from last year: economic and political uncertainty and volatility regulation and the impact of public policy initiatives operational risk and cyber security. Clearly, a slowing global economy, the flare-up of geopolitical hotspots, and the proliferation of major cyber breaches have intensified the spotlight on these issues. In the year ahead, audit committees say cyber security and oversight of risk will require even more attention. For many audit committees today, these headline risks are also driving a slower moving yet critically important trend, potentially impacting the audit committee s effectiveness: agenda overload. Audit committees, by and large, continue to express confidence in their oversight of the company s financial reporting and audit quality. However, the accelerating speed and complexity of business and risk are stretching and straining many audit committee agendas. In a positive development, more boards are reallocating risk such as cyber security oversight responsibilities among their committees and the full board, which translates into more time for quality discussions and a deeper understanding of the business. Of course, it is difficult to compare data from 27 countries often with markedly different business environments, regulatory requirements, and corporate governance practices. However, our 2015 survey findings offer insights that audit committees (as well as management teams, auditors, and other stakeholders) can use to sharpen the committee s focus, benchmark its responsibilities and practices, and strengthen its oversight going forward. Source: www.kpmg.com/globalaci 1

Global snapshot Uncertainty and volatility, regulation and compliance, and operational risk top the list of challenges facing companies today. Many audit committees around the world point to economic and political uncertainty and volatility, regulation and compliance, operational risk, and controls posing the greatest challenge for their companies. Which is little surprise, given the struggling global economy, ongoing geopolitical turmoil, heightened government regulation, and speed of ever-changing cyber security risk and technology innovation. Audit committees want to spend more time on risk oversight particularly cyber security and the pace of technology change. In the months ahead, audit committees want to devote more or significantly more agenda time to overseeing the company s risk management processes and operational risk and controls, as well as cyber security and the pace of technology change with particularly acute concerns reported in the United States. The quality of information about cyber security and technology risk, talent, innovation, and business model description is falling short. Audit committee members rate much of the information they receive as good or generally good, yet many continue to express concern about the information they receive (at the committee or full board level) related to cyber risk and technology change, highlighting the CIO ranking lowest overall, in terms of quality interaction and communication. In this report, we zoom in on the results specific to cyber security showing where countries rank compared to the global average. 2

Top challenges and concerns Which risks pose the greatest challenge for your company? This graph shows respondents citing cyber security as one of the top three risks facing their company. 30% 33 30 25% 20% 15% 24 23 22 21 19 17 16 15 15 15 14 10% 5% Belgium US Chile Spain Singapore Australia Canada Brazil Global France Ireland Portugal Switzerland 3

13 13 12 11 10 10 9 8 7 5 5 5 4 3 0 UK South Africa New Zealand China/Hong Kong Japan Poland Mexico Peru Indonesia Channel Islands Netherlands Taiwan Thailand India Philippines 4

Top challenges and concerns Compared to 2014, how much agenda time should your audit committee devote to cyber security, including data privacy and protection of intellectual property in 2015? 40 15 3 37 5 More time Significantly more time Less time No change Not applicable Note: These stand-out figures refer to the global average. Detailed results by country: More time Significantly more time Less time No change N/A Number of respondents (N) Switzerland 60 5 5 30 0 20 US 53 21 2 22 2 232 UK 47 15 0 35 3 92 Canada 46 8 1 39 6 80 South Africa 44 18 3 33 2 66 Australia 42 16 0 41 1 74 Belgium 42 28 3 25 3 36 Spain 41 14 5 41 0 22 Japan 40 5 2 50 2 121 New Zealand 40 15 4 38 3 143 Global 40 15 3 37 5 1545 Singapore 39 23 10 26 3 31 Chile 38 10 0 48 5 21 Netherlands 37 16 0 47 0 19 Brazil 35 12 2 45 7 103 Channel Islands 35 10 0 40 15 20 Ireland 34 12 2 48 4 50 India 30 23 10 30 7 30 Portugal 30 15 0 50 5 20 Thailand 30 17 9 39 4 23 France 27 27 0 35 11 37 Mexico 27 26 10 34 3 73 Peru 27 18 9 36 9 22 China/HK 23 4 15 42 15 26 Indonesia 23 13 10 40 13 30 Philippines 20 15 5 50 10 20 Poland 17 17 0 61 6 18 Taiwan 11 17 6 67 0 18 5

Please rate the quality of information you receive whether as a member of the audit committee, other committees, or full board about cyber security and data privacy risks and their potential impact on the company. Detailed results by country for the answer: 10 Needs improvement : Excellent Spain (N: 22) 59% 49 41 Note: These stand-out figures refer to the global average. Generally good but issues arise periodically Needs improvement South Africa (N: 67) 54% France (N: 34) 53% Poland (N: 19) 53% UK (N: 92) 53% Switzerland (N: 21) 52% Australia (N: 74) 51% Belgium (N: 39) 51% Peru (N: 24) 50% Singapore (N: 28) 50% Netherlands (N: 19) 47% Channel Islands (N: 20) 45% New Zealand (N: 141) 45% India (N: 30) 43% Canada (N: 79) 41% Ireland (N: 49) 41% Global (N: 1535) 41% Brazil (N: 102) 38% Mexico (N: 74) 38% Indonesia (N: 30) 37% US (N: 228) 36% Chile (N: 21) 33% Philippines (N: 20) 30% China/Hong Kong (N: 26) 27% Japan (N: 120) 23% Portugal (N: 20) 20% Thailand (N: 22) 18% Taiwan (N: 19) 16% N: number of respondents 6 2015 KPMG International Cooperative ( KPMG International ). KPMG International Cyber provides no Insights client services and Magazine: Edition 2

Top challenges and concerns Please rate the quality of the audit committee s communications and interactions with the Chief Information Officer: 23 29 20 27 Excellent Good, but issues arise periodically Needs improvement Not applicable or no significant interaction Note: These stand-out figures refer to the global average. Detailed results by country: Excellent Good, but issues arise periodically Needs improvement N/A or no significant interaction Number of respondents (N) France 55 13 11 21 38 Taiwan 53 16 0 32 19 Chile 35 35 25 5 20 Japan 35 29 20 16 120 Thailand 32 27 5 36 22 US 30 33 14 23 224 Australia 29 35 18 18 77 Peru 27 18 36 18 22 Belgium 24 30 22 24 37 Brazil 24 34 33 10 101 Channel Islands 24 12 0 65 17 Switzerland 24 29 24 24 21 Global 23 29 20 27 1517 Mexico 22 30 25 23 73 Canada 21 18 21 40 80 Ireland 21 23 15 40 47 UK 19 36 17 28 89 India 18 7 32 43 28 New Zealand 18 24 21 36 140 Philippines 18 59 6 18 17 Portugal 15 35 35 15 20 South Africa 15 42 23 20 66 Indonesia 11 43 7 39 28 China/HK 8 15 23 54 26 Singapore 6 23 19 52 31 Poland 5 32 32 32 19 Spain 5 23 36 36 22 Netherlands 0 47 26 26 19 7

To which group has the board assigned the majority of tasks directly related to the oversight of cyber security and data privacy risk? 28 22 12 14 12 11 Full board Audit Audit & Risk or Finance Risk Technology Other Note: These stand-out figures refer to the global average. Detailed results by country: Full Board Audit Audit & Risk or Finance Risk Technology Other Number of respondents (N) Channel Islands 65 12 0 24 0 0 17 Taiwan 61 17 6 17 0 0 18 Poland 56 28 0 0 0 17 18 Switzerland 45 35 15 0 0 5 20 China/HK 43 9 0 13 17 17 23 Netherlands 42 26 5 16 0 11 19 Portugal 42 21 5 11 16 5 19 US 40 43 3 7 4 3 230 New Zealand 38 12 28 11 9 3 138 UK 36 23 10 16 6 9 87 Belgium 31 26 20 3 14 6 35 Canada 31 35 13 12 4 5 77 Singapore 31 14 10 31 10 3 29 Australia 30 9 32 18 7 4 74 Global 28 22 12 14 12 11 1473 India 24 21 3 28 14 10 29 Philippines 24 6 12 12 41 6 17 Ireland 22 28 9 28 9 4 46 Brazil 20 18 11 13 30 9 94 France 16 41 25 3 3 13 32 Japan 14 2 2 16 8 59 119 Peru 14 5 18 9 36 18 22 Thailand 13 17 22 17 17 13 23 Mexico 11 13 7 10 43 17 72 Spain 10 40 0 5 30 15 20 Indonesia 8 8 12 36 32 4 25 South Africa 8 23 26 22 18 3 65 Chile 0 25 25 10 25 15 20 8

Top challenges and concerns Be wary of mission creep, and consistently question whether new and ongoing issues belong on the audit committee s agenda. Does cyber security require more attention at the board level? Regional Data Points U.S. and Canada In the US and Canada, audit committees pointed to operational risk, the company s risk processes, and cyber security as key areas of oversight that will require more agenda time in the year ahead. Regional Data Points Europe In Europe, cyber security along with operational risk, the company s risk processes, and the pace of technology change are likely to get greater attention in the year ahead. 9

Survey demographics Please select the type of entity for which your responses have been based: Public company 62% Not-for-profit 14% Government entity 9% Private company private equity 8% Private company venture capital 6% Private company family owned 2% Are you the audit committee chair? Yes 54% No 46% What is the annual revenue of the largest company for which you served as an audit committee member? Less than $250m $250m - $500m $500m - $1bn $1bn - $1.5bn $1.5bn - $5bn $5bn - $10bn $10bn or more Not applicable 32% 15% 11% 8% 15% 6% 9% 4% What is the company s primary industry? Banking/Financial Services Industrial Manufacturing/Chemicals Retail/Consumer Goods Energy/Natural Resources Insurance Technology/Software Healthcare Transportation Real Estate Building/Construction Communications/Media Pharmaceuticals Higher Education Other 18% 14% 10% 8% 6% 5% 5% 4% 4% 3% 3% 2% 2% 17% 10

Contact Us For more information on the work of the ACI please see our website www.kpmg./aci or contact: David Meagher Chairman, Audit Institute Ireland Partner, KPMG Ireland t: +353 1 410 1847 e: david.meagher@kpmg.ie Michael Daughton Partner KPMG Ireland t: +353 1 410 2965 e: michael.daughton@kpmg.ie Niall Lavery Associate Director KPMG Ireland t: +353 1 410 1433 e: nial.lavery@kpmg.ie kpmg.ie/aci 2015 KPMG, an Irish partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. Printed in Ireland. The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. The KPMG name, logo and cutting through complexity are registered trademarks of KPMG International Cooperative ( KPMG International ), a Swiss entity. If you ve received this publication directly from KPMG, it is because we hold your name and company details for the purpose of keeping you informed on a range of business issues and the services we provide. If you would like us to delete this information from our records and would prefer not to receive any further updates from us please contact us at (01) 410 2665 or e-mail sarah.higgins@kpmg.ie. Produced by: KPMG s Creative Services. Publication Date: June 2015. (846)

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information