DATA UNDER SIEGE

Dounis discusses the role of auditors in mitigating the risk of information leakage. Every day, significant amounts of information fuel business processes that involve parties both inside and outside an organization's network boundaries. This data can travel in many forms, including email, word processing documents, spreadsheets, database files, or paper documents. Over the years, technology has transformed information from a structured, paper-based form that was easy to protect, to an unstructured, digital format encompassing email, mobile devices, and social media. Preventing data leakage and managing information security risks are businesswide challenges. Although there is no one right way to protect data, organizations that effectively address the risks and communicate them to employees are better positioned to create and enforce sustainable security strategies. By providing consulting and assurance, internal auditors can address their organization's data risks and assure that controls are in place and working effectively.