ECIIA presents: Auditing Cybersecurity within Insurance Firms

The European Confederation of Institutes of Internal Auditing (ECIIA) have recently released a new publication from the ECIIA Insurance Committee: ”Auditing Cybersecurity within Insurance Firms”.

This position paper intends to provide guidance to Chief Audit Executives (CAEs) in the Insurance sector in regard to the audit of cybersecurity. The document will increase knowledge of cyber risk and highlight why cyber risk is important. The paper provides a framework from which internal audit departments may build a multi-year long term approach to auditing cyber risks.

Information from the press release;

“The need for effective IT Cybersecurity controls has been highlighted by the European Insurance and Occupational Pensions Authority (EIOPA), saying that cyber risk is becoming a growing concern for institutions, individuals and also financial markets and is now at the top position of the list of global risks for businesses.”