Core Insights - Generative AI is emerging as a significant risk, but cybersecurity remains the primary focus for internal auditors [1][2] Group 1: Survey Findings - 41% of internal audit practitioners identified cybersecurity as a leading risk, while 35% cited generative AI [2] - The concern for cybersecurity increased to 45% in 2023, while generative AI concerns rose to 17% [3] - Audit committees prioritize cybersecurity at 52%, an increase from 47% two years ago, while generative AI concerns rose from 19% to 39% [4] Group 2: Audit Plans and Assessments - 89% of audit professionals reported that their audit plan includes a cybersecurity audit, and 67% include a generative AI assessment [5] - Over half of companies have reviewed their attack response (56%), addressed data storage security risks (54%), and evaluated security training (53%) in the last 18 months [7] - 14% of companies have not addressed ransomware in their audit plan, and 11% have not independently assessed information security [7] Group 3: Challenges in Cybersecurity - Developing and retaining cybersecurity skills is viewed as difficult by half of audit leaders, with only 37% seeing a return on investment from cybersecurity audit tools [6] - The most frequently evaluated areas of information security include password policies (56%), internal attack assessments (46%), and external penetration assessments (51%) [8]

Core Insights - The 2025 Internal Audit Priorities Survey by Jefferson Wells highlights that cybersecurity remains the top emerging risk for the fifth consecutive year, emphasizing the need for strong cyber defenses in a vulnerable technology landscape [2][4] - Generative AI has emerged as the second most pressing concern, influencing audit strategies and the necessary skillsets to manage these risks [2][4] - Economic uncertainty has become a significant factor for audit leaders, with 26% of respondents citing it as a concern, a notable increase from nearly zero in the previous year [2] Group 1: Key Trends - Cybersecurity is identified as the foremost risk, indicating a critical focus for internal audit functions [2][3] - The rise of generative AI is reshaping audit strategies and toolsets, necessitating new skills for audit teams [2][4] - Economic uncertainty is now a prominent concern, reflecting changing market conditions and their impact on audit priorities [2] Group 2: Challenges Faced - Internal audit departments are facing skill shortages in key areas such as cybersecurity, AI, IT audit, and data analytics [3] - Over 85% of audit leaders are relying on external partners to fill critical skill gaps within their teams [3][4] - The need for internal audit functions to adapt to rapid advancements in technology and economic conditions is underscored [4]