This article, "Internal auditors prepare for post-pandemic risks," originally appeared on

Internal auditors are keeping a close eye on emerging risks as the COVID-19 pandemic continues, with cybersecurity at the top of the priority list.

A new survey by AuditBoard, a provider of cloud-based audit, risk and compliance management technology, polled a group of 180 internal audit leaders and found that cybersecurity and data protection are considered to be top risks by 90% of the respondents. Organizations are facing unrelenting cyberattacks. Other emerging risks involve the labor shortage, third-party oversight, regulatory changes and business continuity.

The pivot to reliance on remote workers during the pandemic has brought some advantages, according to the report, including greater use of the latest technology, but also challenges, particularly when it comes to maintaining relationships in the organization and retaining talent.

Other risks include economic conditions; third-party risks; environmental sustainability concerns; diversity, equity and inclusion; all emerging as particular areas of focus for companies over the next few years.

“COVID-19 created what is arguably the greatest disruption for organizations as well as for internal auditors, due to their enterprise-wide role,” said AuditBoard senior internal audit advisor Richard Chambers, the former president and CEO of the Institute of Internal Auditors, who authored the report. “The pandemic heightened risks in virtually every facet of enterprise operations. We’re glad to see that internal auditors have met many of the challenges through transformation and resiliency.”

The survey indicated that internal audit is responding to new and existing challenges by increasing its resources, a trend that’s anticipated to continue through at least 2025. In 2021, twice as many internal audit leaders (36%) reported budget increases compared with those reporting declines (18%), and nearly three times as many (29%) increased staff as decreased staff (10%). Over the next two years, 52% predict budget increases and 46% expect to expand their teams, with an emphasis on highly sought skills.

Other findings of the “2022 Focus on the Future” report include:

  • Analytical/critical thinking and communications ranked as the top two “critical skills” necessary for effective internal auditing, with more attention being placed on cybersecurity, data mining/analytics and business acumen.
  • 51% of internal audit leaders hired remote staff during the past 18 months, while 26% saw their team members “poached” by other organizations.
  • 40% of the respondents believe remote operations weakened some relationships between internal audit and stakeholders within the organization, leading to more refinement of their communication and assessment strategies.
  • Over 80% of internal auditors increased their use of specific technologies to improve their work, especially in the areas of data extraction/analysis and cloud-based audit