The Role of Internal Auditors Characteristics in Cybersecurity Risk Assessment in Financial-Based Business Organisations: a Conceptual Review

Abstract

Purpose: This paper aims to establish a theoretical framework that will enhance the examination of the role of internal auditors in cybersecurity risk assessment in financial-based business organizations. Financial-based business organizations are institutions or companies that render financial services to public and private stakeholders in an economy. It is a powerful sector in the economy of every country. This drive poses a lot of challenges to organizations. Hence, business organizations strategically devised a means to safeguard the integrity, confidentiality, and availability of information. Also, innovation poses many risks and threats to the internal audit function in an organization.   Theoretical Framework/Findings: Using the competency and planned behaviour theories (McClelland 1973 and Ajzen,1991), this study disclosed that the task performance of cybersecurity risk assessment by the internal auditor is influenced by the required internal auditor’s characteristics of professional ethics of integrity and objectivity, personality traits, professional skills competency professional knowledge competency and deterrence and rewards to advise the management on the implications of cyber security risk on business organisations for monitoring and mitigations.   Methodology: A literature review approach is adopted to highlight the role of internal auditors in cyber security risk assessment in financial–based business organizations.   Research Limitation/Implication: This conceptual paper has consequences for the practice of internal auditing. This approach is helpful to academic scholars in testing it out in the real world. This model is helpful to practitioners when evaluating the function of IAs in the cybersecurity risk assessment context.   Originality/Values: Earlier auditing-related studies haven't addressed this problem. This study makes an effort to close such a gap and investigate the subject of the internal auditor’s characteristics and cyber security risk assessment among financial-based organizations.