Emerging work-from-home risks
Organizations that have a significant number of employees working from home are facing a variety of new and heightened risks.
Technology
On the technology side, internal audit will need to evaluate the increased use of new and existing collaboration tools by employees in the remote working environment. For example, remote access tools and resources may have been quickly deployed without proper testing, and misconfigured applications could allow company information to be exposed.
The rapid implementation of new technology could also introduce new data privacy risks. Sensitive or regulated data accessed by employees or vendors outside of the office may not be protected appropriately based on leading practices or regulations.
As changes are made to enable a productive and safe remote workforce, the solutions deployed may not meet the organization’s cybersecurity and privacy-related compliance requirements. The widespread use of video conferencing, cloud-enabled collaboration and other online tools may require organizations to re-evaluate their cybersecurity program.