“The sudden rise in focus on attestation over user access is linked to the fact that PCAOB Audit Firm Inspections last year were very hot on this issue and so external audit firms have been taking a firm line on this with their clients, which in turn means the clients are getting audit issues raised where they might not have done before.” Big 4 Audit Partner
The current crisis has created a wealth of opportunity for fraudsters and other ne’er-do-wells.
Worse, the changing patterns of work, job losses, remote working, furloughs, adjusted service provider arrangements are all raising the threat level in our risk associated with “human factors” and access to applications and business processes.
We know from our practice that pre-Covid-19, many global organisations had up to 20% of the access credentials for their core financially relevant systems that were redundant, outdated and presented a clear threat. And this accounts for THOUSANDS of wrongly authorized access points to corporate applications. Whilst most firms had a reasonable handle on their direct employees, the governance over the access rights of temporary workers, service providers, outsourcers, suppliers, business partners, consultants et al tends to be much weaker.
Our speakers covered topics to get up to speed on the dimensions of the risk, the elevated threat level, and some practical steps you can take today, WITHOUT the need to acquire further software.