18 January 2022
CONNECT WITH The IIA  LinkedInFacebookTwitter
IIA Global SmartBrief
The smarter way to stay on top of the internal audit professionSIGN UP ⋅   SHARE
Internal Audit Watch
Talent risk is increasing in the UK internal audit profession, with not only the pandemic but also Brexit shrinking the workforce, Aaron Wright writes. Wright suggests five questions organisations should ask to gauge talent risk, including whether they maintain staff diversity and whether they plan adequately for a smaller talent pool.
Full Story: AuditBoard (05 Jan.) 
LinkedIn Twitter Facebook Email
New Your Voices Blogs Available
Do you have the curiosity our Your Voices blogs call for? Internal Auditor magazine's Your Voices blogs provide insightful, practical information for our readers — from staff level to CAE. Both contributors and readers alike say this platform is the perfect place to share unique insights and practices. Read the latest blog posts now.
Risk Management
The Bank of England's Prudential Regulation Authority has sent an open letter to global banks with UK operations that sets the regulator's 2022 agenda as prioritising operational risk, climate change, diversity and the Libor transition. The PRA is particularly concerned with banks' progress on climate risk management, noting it expects firms "to take a forward-looking, strategic and ambitious approach to managing climate-related financial risks".
Full Story: Financial News (UK) (tiered subscription model) (12 Jan.) 
LinkedIn Twitter Facebook Email
NEW! CRMA Study Materials Now Available
The updated CRMA Exam Study Guide and Practice Questions, 2nd Edition, compiles comprehensive review material needed to prepare for the new Certification in Risk Management Assurance (CRMA) exam. Crucial information is presented in this one-of-a-kind study guide for each exam domain. Order now!
Regulation & Compliance
Canadian Finance Minister Chrystia Freeland and Environment and Climate Change Minister Steven Guilbeault have received a directive from Prime Minister Justin Trudeau to establish a requirement that companies disclose financial information related to climate change. Trudeau wants the requirement based on a framework from the Task Force on Climate-related Financial Disclosures.
Full Story: The National Law Review/Mintz, Levin, Cohn, Ferris, Glovsky and Popeo (05 Jan.) 
LinkedIn Twitter Facebook Email
Financial institutions in Asia are having difficulty coping with increasingly fragmented data-protection requirements imposed by governments, write Matthew Chan and MJ Park of the Asia Securities Industry & Financial Markets Association. "With the rise in such divergent approaches, an uncertain and constantly shifting regulatory climate is affecting [financial institutions] operating across borders in the interconnected global digital economy, throwing a spanner not only into their external market activities, but also into their inner operations and processes, ranging from customer data and risk management to regulatory compliance," they write.
Full Story: International Financial Law Review (29 Nov.) 
LinkedIn Twitter Facebook Email
The EU's data privacy watchdog, the European Data Protection Supervisor, has ordered Europol to delete large amounts of information the law enforcement agency has collected about individuals without proven criminal links. "A 6-month period for pre-analysis and filtering of large datasets should enable Europol to meet the operational demands of EU Member States relying on Europol for technical and analytical support, while minimising the risks to individuals' rights and freedoms," according to a statement from EDPS Supervisor Wojciech Wiewiorowski.
Full Story: ABC News/The Associated Press (10 Jan.) 
LinkedIn Twitter Facebook Email
Online Testing for CIA Exam
Becoming a Certified Internal Auditor (CIA) proves credibility and proficiency. Earn the only globally recognized internal audit certification online. Learn more.
Fraud & Ethics
Forty people have been arrested in Turkey and accused of using livestreaming platform Twitch for money laundering. The scheme allegedly involves paying Twitch users with a proprietary Twitch currency, which is purchased with stolen credit cards, then distributing proceeds when the Twitch currency is converted into real money.
Full Story: PC Gamer (04 Jan.),  The Washington Post (tiered subscription model) (11 Jan.),  Daily Sabah (Turkey) (04 Jan.) 
LinkedIn Twitter Facebook Email
Take Personalized Prep to the Next Level
The IIA's CIA Learning System provides the most personalized, flexible, and efficient study experience for express, exam day success. It is the only CIA exam preparation program that aligns The IIA's professional knowledge, training, and certification expertise. Take it personally, pass it efficiently.
French regulator CNIL has fined Google and Facebook for not letting users easily opt out of cookies. Privacy lawyer Agustin Allende says the penalties of €150 million for Google and €60 million for Facebook are insufficient, noting, "Faced with the privacy violations that have supported a business model, their penalties should be set based on a percentage of worldwide sales."
Full Story: GovInfoSecurity (07 Jan.) 
LinkedIn Twitter Facebook Email
A massive attack that has taken down multiple Ukrainian government websites, including that of the Ministry of Foreign Affairs, has left foreboding messages to "wait for the worst". Dmitri Alperovitch, a cybersecurity expert and co-founder of CrowdStrike, says, "We are also seeing increased cyberintrusions that appear to be intelligence collection for potential execution of a kinetic operation by the Russians."
Full Story: CNN (14 Jan.),  The Washington Post (tiered subscription model) (14 Jan.),  CBS News (14 Jan.),  Reuters (14 Jan.) 
LinkedIn Twitter Facebook Email
Russian advanced persistent threat groups have exploited bugs in Microsoft, Oracle and Cisco products to attack critical infrastructure in the US and overseas, according to an advisory from the FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency. The advisory says the groups conducted "high-profile cyber activity" on state, local, tribal and territorial agencies and aviation systems in 2020, as well as "multi-stage intrusion" campaigns in the energy industry from 2011 to 2018.
Full Story: ZDNet (11 Jan.),  Nextgov (11 Jan.) 
LinkedIn Twitter Facebook Email
Local media in China report that Walmart is allegedly violating Chinese cybersecurity laws due to "vulnerabilities" in the retail giant's network system that were not quickly remediated. Another claim against Walmart is the removal of products made in Xinjiang from its apps and stores.
Full Story: Reuters (07 Jan.),  The Register (UK) (10 Jan.) 
LinkedIn Twitter Facebook Email
NEW! IIA IT General Controls Certificate
Enhance your specialized knowledge and showcase your expertise in 12 key technology areas by completing The IIA's IT General Controls Certificate Program. Passing the exam at the end of the program demonstrates your competency and distinguishes you from your peers.
Learn more about this self-study program.
IIA News
New IIA internal audit compliance report
A new Global Perspectives & Insights, "Internal audit and compliance: Clarity and collaboration for stronger governance," explains why a clear understanding of roles is critical to effective compliance and independent assurance. It includes analysis on applying the Three Lines Model's Six Principles and practical illustrations from practitioners. Download the report today.
LinkedIn Twitter Facebook Email
Foundation and Protiviti release new resilience report
The Internal Audit Foundation, in collaboration with Protiviti, has released "Are We Ready? It's Time for Internal Audit to Focus on Resilience Amid Extreme Change." This report helps readers understand business resilience versus business continuity, and how stakeholder and board expectations have changed with recent disruption. It's imperative to learn how internal audit can shift the paradigm of thought to transform the organization and remain resilient. Download your copy of this complimentary research report.
LinkedIn Twitter Facebook Email
COVID-19 Resource Exchange
In January it's so nice While slipping on the sliding ice To sip hot chicken soup with rice ...
Maurice Sendak,
illustrator, writer
LinkedIn Twitter Facebook Email
IIA Global Resources
IIA Global HQ Contact Information
The Institute of Internal Auditors, Global Headquarters
1035 Greenwood Blvd., Suite 401
Lake Mary, FL 32746 USA
E-mail: CustomerRelations@theiia.org
Phone: +1-407-937-1111
Fax: +1-407-937-1101

About The IIA

Not an IIA member? Explore the wide range of career support tools and resources The IIA offers its members globally.
SmartBrief publishes more than 200 free industry newsletters - Browse our portfolio
Sign Up  |    Update Profile  |    Advertise with SmartBrief
Unsubscribe  |    Privacy policy
SmartBrief, a division of Future US LLC ©
1100 13th St. NW, Suite 1000, Washington, DC 20005