The Institute of Internal Auditors Presents: All Things Internal Audit Tech
In this episode, Adam Ross speaks with Vipul Patel about how organizations can better prepare for ransomware attacks. They talk through what goes wrong in the first hours of an attack, what smart preparation looks like, and where traditional audit approaches fall short when a business is in crisis mode.
- HOST:
-
Adam Ross, CIA, CISA
Partner and Internal Audit Services Leader, Grant Thornton
- GUEST:
-
Vipul Patel, CISA
Audit and Assurance Managing Director, IT Internal Audit Leader, Deloitte & Touche LLP
KEY POINTS:
- Introduction [00:00:02-00:00:27]
- Common Mistakes in Ransomware Response [00:00:27-00:02:14]
- Building Crisis Communication Plans [00:02:20-00:03:03]
- A Simple Incident Response Runbook [00:03:03-00:05:03]
- Internal Audit's Role Before an Incident [00:05:03-00:07:05]
- Stress Testing and "What If" Scenarios [00:07:05-00:08:01]
- Tabletop Exercises and Cross-Functional Readiness [00:08:02-00:10:03]
- Partnering With the CISO and Management [00:10:03-00:11:15]
- Lessons Learned After Ransomware Incidents [00:11:15-00:14:05]
- Governance Changes After an Attack [00:14:55-00:16:55]
- Cyber Risk as a Business Issue [00:16:55-00:17:16]
- Traits of Organizations That Respond Well [00:17:20-00:19:44]
- Final Advice for Internal Auditors [00:19:44-00:20:56]
Visit The IIA's website or YouTube channel for related topics and more.
IIA RELATED CONTENT:
Interested in this topic? Visit the links below for more resources:
Follow All Things Internal Audit:
