How to Perform an Effective Cybersecurity Audit?

While cybersecurity (CS) risk has been increasing, competencies and tools to perform CS audits have are still largely lacking.

The presentation will expound on a tool that has been developed to help internal auditors perform cyber audits comprehensively and effectively. We tested it on a large international sample of IT auditors from more than 20 countries. We also examined the drivers and risks of CS audit.

The presentation will conclude by presenting the steps that internal auditors should take to ensure an effective CS audit.


Learning objectives are as following:
- Learn about the tool to perform a comprehensive internal audit of cybersecurity risks
- Understand major risks in the internal audit of cybersecurity risks
- Discuss solutions to tackle the major risks and shortcomings of CS audit



Matej Drašček
Matej Drašček , Ph.D., is chief audit executive for a regional retail bank in Slovenia. In addition to having served as a lecturer for several universities and faculties, he has published numerous professional and scientific international articles on internal audit, human resources, business ethics, and strategic management. Drašček has spoken at numerous domestic and international conferences, presenting new tools and insights in internal audit, strategic management, and ethics. He won The IIA’s William S. Smith Award for the highest score in the CIA exam as well as The IIA’s John B. Thurston Award for the best article about business ethics. He holds CIA, CRMA, CFSA and CSX-F and is currently president of IIA Slovenia.


Advisori protiviti



IT-GRC-Kongress Newsletter

Sie möchten über den IT-GRC-Kongress
auf dem Laufenden gehalten werden?