- All Journals
- Al-Qadisiyah University
- Basrah University
- Kirkuk University
- Mosul University
- The Iraqi Borad for Medical Specialization
- University of Anbar
- University of Technology
- Al Mustafa University
- Al-Zahraa University for Women
- Alnoor University
- Kunooz University
- Misan University
- Ninevah University
- Tikrit University
- University of Al-Hamdaniya
- University of Kerbala
The Role of Internal Auditing in Cybersecurity: A Theoretical and Analytical Study | ||
| Journal of Digital Innovation in Financial and Administrative Studies (JDIFAS) | ||
| Article 2, Volume 1, Issue 0, July 2025, Pages 11-16 PDF (345.41 K) | ||
| Document Type: Original Article | ||
| DOI: 10.69513/jdifas.v1.i0.a2 | ||
| Authors | ||
| Nadhim Hassan Rashid* ; Abdullah Sami Ali | ||
| Department of Accounting Techniques, College of Administrative Technologies, Alnoor University, Mosul, 41012, Iraq | ||
| Abstract | ||
| The research aims to understand the concept of cybersecurity auditing, the most important future skills required for internal auditors in the field of cybersecurity auditing, the main roles of internal auditing in this field, the most important steps taken by internal auditors to conduct a cybersecurity audit, the main areas on which internal cybersecurity auditing should focus, and an explanation of the role of internal auditing in cybersecurity governance. To achieve the research objectives, the researchers used a deductive approach to study and analyze, utilizing periodicals, books, and websites that address the research topic, particularly in relation to the following areas: cybersecurity auditing, the main roles of internal auditing in the field of cybersecurity, future skill requirements, the Institute of Internal Auditors' (IIA) cybersecurity Topical requirements, and the use of these three lines of defense against cybersecurity risks. The research reached a set of conclusions, the most important of which are: 1. Integrating cybersecurity risks into audit plans, rather than isolating them from other audit activities. This ensures the continued effectiveness of audit operations in the face of rapidly evolving threats. 2. It is important for internal audit units to understand the purpose of the objective requirements for cybersecurity and their relationship to the International Professional Practices Framework and global internal auditing standards. A comprehensive and accurate understanding of these requirements will help internal audit units adhere to the Institute of Internal Auditors (IIA) standards while ensuring cybersecurity practices. Based on the research findings, proposals were made that are consistent with these findings, the most important of which are: 1. Entities involved in the internal audit profession should hold specialized seminars and workshops to introduce the concept and dimensions of cybersecurity auditing, the steps internal auditors take to conduct cybersecurity audits, the key areas of focus for cybersecurity audits, and the role of internal auditing in cybersecurity governance. 2. Support internal auditors in improving the future technical and non-technical skill requirements for internal auditors in the field of cybersecurity auditing through continuous learning and professional development, to provide the skills and knowledge necessary to conduct effective cybersecurity audits | ||
| Keywords | ||
| Cybersecurity; Cybersecurity Auditing; Cybersecurity Topical Requirements | ||
|
Supplementary Files
|
||
|
Statistics Article View: 494 PDF Download: 159 |
||
