Cybersecurity – What is the auditor’s role?

Sumesh Krishna, Partner

image

HLB HAMT - Accounting Firm in UAE

Phone:- +971 4 327 7775
Mobile:- +971 50 749 0576
WhatsApp:- +971 56 219 1607
Email:- dubai@hlbhamt.com

    Schedule a Consultation







    Cybersecurity risks are continuously evolving in the current world; therefore, the auditor must continuously evaluate the potential for cybersecurity incidents to have a material impact on the financial statements. The Standards require the financial statement auditor to understand how the company uses its information technology systems and its impact on the financial statements. This process includes understanding the extent of the company’s automated controls on the transactions and related reporting to the financial statements.

    The general IT systems controls are significant for the reliability of data and reports produced by the company and used in the financial reporting process, including IT risks resulting from unauthorized access. The financial statement auditors must consider their understanding of the company’s IT systems and controls for evaluating the risks of material misstatement in the financial statements.

    The systems and data are in scope for most financial statement audits in the IT environment of the company. Usually, these are a subset of systems and data used to support the company’s overall business operations.

    The auditor focuses on access controls and changes to systems and data, computer operations controls, and the reliability of company-prepared information by using the computer systems and data that could impact the financial statements and their effectiveness.

    The financial statement auditor’s primary focus is on the controls and systems closest to the application data of interest to audit the financial statements. Audit procedures will then be developed to address each company’s unique IT environment. Many cybersecurity incidents first occur through the perimeter and internal network layers, which tend to be further removed from the application, database, and operating systems typically included in access control testing of systems that affect the financial statements.

    However, the cybersecurity risk landscape has evolved, and the frequency and complexity of cybersecurity attacks continue to change. For example, cybersecurity incidents have resulted in the disbursement of unauthorized funds (e.g., a wire transfer) through compromising the company’s email system. Such incidents may not necessarily be sophisticated in the use of technology; instead, they have adapted to exploit weaknesses in the company’s policies and procedures that are vulnerable to cybersecurity risk today.

    As part of risk assessment and planning, auditors would broadly consider cybersecurity risks that could have a significant effect on the company’s financial statements Considerations related to cybersecurity risks include the potential fiscal impact of such risks on the financial statements and the inability of an organization to issue financial statements promptly because of a breach of its financial reporting systems (e.g., due to a ransomware attack). For example, auditors may obtain an understanding of the company’s business operations that give rise to cybersecurity risk and, to the extent such risks are deemed material to the company’s financial statements, adjust their audit plan accordingly to address those risks. The Common areas that may have exposure to cybersecurity risk include the transaction processes where bank account information is modified and funds are disbursed (e.g., wire transfer).

    Concerning the company’s cybersecurity disclosures, the auditor’s responsibilities depend on whether the disclosures are included in the audited financial statements. Suppose the disclosure is included in the audited financial statements. In that case, the auditor performs procedures to assess whether the financial statements, taken as a whole, are presented fairly in all material respects. The auditor’s assessment includes procedures specific to the financial statement disclosures. Such as, if a cybersecurity breach with a material financial statement impact occurs, the auditor will perform procedures around the affected account balances and assess whether the disclosures related to material contingent liabilities, if any, are reasonable concerning the financial statements taken as a whole.

     

    Would you like to rate us on Google?         

     

    Varun R Chandra
    Varun R Chandra
    07:38 25 Apr 21
    HLB Hamt is highly recommended! They have the quality of services that would satisfy your needs. I'm glad I found them.
    Giuseppe Assi
    Giuseppe Assi
    06:20 31 Jan 21
    I HAD A GOOD EXPERIENCE WITH HLB HAMT DUBAI. THEY HAVE A VERY PROFESSIONAL TEAM, GOOD QUALITY OF SERVICES, GOOD VALUE... FOR PRICE.I RECOMMEND THIS COMPANY.read more
    Mohamed Sheriff
    Mohamed Sheriff
    16:16 28 Jun 20
    Experience with HLB Hamt in audit experience is great pleasure. They deploy well qualified accounts team for audits.... And the amount of checking they perform give the management of the company confidence that internal controls are well in place. We are glad to see they have high standard of audit practices.read more
    218141 JOSEPH THOMAS
    218141 JOSEPH THOMAS
    16:20 23 Jun 20
    Professionally managed firm with commitment to the engagements taken. My company and its group are assigning our... requirements for last 12 years to HLB and we don’t have any negative remarks on any assignments.read more
    PMI
    PMI
    07:14 23 Jun 20
    In my opinion, HLB Hamt is one of the best professional firms in UAE after big4. Excellent client service, professional... and competent staff and timely delivery are their strength. Over the years they have developed the infrastructure and skill set to handle multiple verticals ie, audit, tax services, consulting, IT support etc.Wishing HLB Hamt team all the very best.read more
    RAVI CHOKSI
    RAVI CHOKSI
    08:28 21 Jun 20
    Thank you Team HLB hamt...Your internal auditing team put the good amount of time and inputs in helping the... organisation making considerable improvements throughout the organisational working structure and helps in building the better business.Thanks.read more
    Maharajan Subramaniam
    Maharajan Subramaniam
    18:17 06 Jun 20
    High-Performing IT Teams, I'm impressed with the knowledge level of their deputed staff, audit procedures, and... checklist adopted. Mr. Vimal especially understand the requirement and provide solution not only technical feasibility and also considered budgeting. We’re confident in their abilities.read more
    Mohammed L
    Mohammed L
    08:07 05 Jun 20
    We have been working closely with them on payroll services for quite sometime.They provide very professional... services,experts in domain and excellent support. Would recommend them.Cheers.read more
    ROY ROSHAN VIVIAN
    ROY ROSHAN VIVIAN
    06:32 04 Jun 20
    Very professional team. Vimal has always given us good solution advice for various Software and IT Infra projects. We... are very Extremely satisfied working with him and his team. Wishing them success.read more
    Basil Daniells
    Basil Daniells
    05:55 03 Jun 20
    I have worked with HLB as a partner of Sage for about 2 years, they were dedicated to the success of the partnership... and kept aligned with the business plan that was agreed between our two companies. They are always ready to go the extra mile for a customer and don’t shy away from challenging circumstances. Keep up the good work and wish you all the success in the future.read more
    Amar Kashyap
    Amar Kashyap
    19:28 02 Jun 20
    Team of well qualified and organised professionals. Their reports are not based on numbers first they will understand... their client and their business. They are highly recommended and trust worthy.read more
    Radz de Jesus
    Radz de Jesus
    16:03 02 Jun 20
    We're glad to have found HLB Hamt to conduct the IT audit and risk assessment for our organization. We have learned a... lot from their team during that first project. And since then, we've continued to be in touch with them. Mr. Vimal especially is very good at presenting technical concepts in simple yet interesting ways that non-IT and business people alike would easily catch. We are very happy with the professionalism and quality of service they provide. They leave their clients nothing short of satisfied. Highly recommended.read more
    Next Reviews
    js_loader

    Get in touch
    x
    x

    Share to:

    Copy link:

    Copied to clipboard Copy