Different Position, Different Challenge: AuditBoard Reveals Why Firms Struggle With Compliance

Professionals in decision-making roles are driving their teams to enhance cybersecurity measures and reduce operational risks as AuditBoard, the cloud-based audit, risk, compliance, and ESG management platform, reveals that 91 per cent are concerned about looming cybersecurity threats. 

The Digital Operational Resilience Act (DORA), Network and Information Security Directive 2 (NIS2) and the EU AI Act share a common purpose: to improve cybersecurity and operational resilience while ensuring responsible AI use. The report by AuditBoard in partnership with Ascend2, "Unlock Regulatory Compliance With DORA, NIS2, and the EU AI Act", explores the challenges and opportunities firms face as they look to become compliant.

“At a time when there are more cyber threats than ever before, ensuring compliance with new regulations remains a top priority for our business,” said Karen Albert, vice president of internal audit at Constellium. “This new research by AuditBoard illuminates the primary barriers to conformance with regulations such as DORA, NIS2, and the EU AI Act, and provides a map forward for organisations looking to improve their cybersecurity posture.”

A lack of company-wide cohesion

AuditBoard found that executives may view periodic updates as ‘real-time’, while practitioners often rely on manual processes and spreadsheet-based reporting, which are frequently far from real-time. Ninety-two per cent of executives say they have real-time insights into compliance posture compared to just 69 per cent of management professionals, highlighting the disconnect between the perceived timeliness of data and the operational reality.

Challenges to stay compliant

Organisations are under constant pressure from regulators to be more proactive and adopt better strategic approaches to not only ensure they remain compliant but also to strengthen their risk posture and improve operational workflows and processes while using technology more responsibly. In regard to the regulations in the report’s title, 90 per cent of professionals stated that conforming with regulations applying to them would impact their workload.

The report found that InfoSec professionals feel the weight of compliance efforts most, with 38 per cent expecting to be impacted to a great extent. Meanwhile, only 29 per cent of risk management professionals and 28 per cent of IT professionals are expected to be impacted in the same way. Increased workloads could potentially lead to a greater risk of noncompliance as teams struggle to stay afloat on daily tasks.

Working to meet regulatory demands

Many organisations have significant work ahead of them on their journey to compliance. Even those claiming to already be in compliance with the EU AI Act are missing essential elements of compliance that could leave them vulnerable. Meanwhile, 63 per cent of those claiming compliance report having transparency measures in place. Fifty-five per cent say they have implemented risk management frameworks, and just over half (51 per cent) execute comprehensive risk assessments.

Breaking down which regulations are being worked towards, the report found that compliance with NIS2 is more commonly reported to be a high priority amongst organisations surveyed compared to DORA and the EU AI Act. However, only 52 per cent of organisations report being compliant, while another 44 per cent plan to meet requirements by the end of next year.

Furthermore, AuditBoard found that 83 per cent of professionals are concerned about third-party AI use in regard to compliance with the EU AI Act. However, even more of those surveyed (91 per cent) do feel that the EU AI Act will positively impact their organisation’s use and development of AI applications.

“We found that by leveraging purpose-built technology, professionals in all levels and functions can make more effective decisions and more efficiently execute efforts required to maintain compliance,” said Jason Sechrist, director of product solutions, EMEA at AuditBoard. “Whether in early stages of compliance or actively working to maintain it, organisations can use the findings in this report to build a framework for their journey and help future-proof their conformance strategies.”

The post Different Position, Different Challenge: AuditBoard Reveals Why Firms Struggle With Compliance appeared first on The Fintech Times.