Abstract
Technology is a crucial component of today's business and the heartbeat of many important services and initiatives. The impact of technology across the world is advancing rapidly, enabling people to perform regular activities on cell phones, tablets, and computers. Whether requesting a taxi, using social media or online banking, the need to have a digital profile has never been greater. Information Technology (IT) systems have increasingly become vital in the effective performance and execution of banking services and products. The banking sector is seen as a critical infrastructure. Therefore, it must execute the highest level of cybersecurity to protect its customers and data as the crippling threats of cyberattacks continue to develop. The increased sophistication, impact, and frequency of cyberattacks targeting the banking sector have highlighted the banks’ inability to completely protect the integrity of critical computer systems, thus resulting in an increased demand for more secure systems and products. The objective of the study was to analyse and understand how cyberattacks have impacted the South African banking sector—in addition to understanding the role IT auditors play in combatting cyberattacks in the SA banking sector.
This was achieved through secondary data, existing literature, and an empirical study. A questionnaire was sent out to IT auditors in one of the big financial institutions and responses were recorded. The results indicate that IT auditors play an important role in managing cyber risks in the banking sector. This led to recommendations, such as ensuring that IT governance guidelines, for example, practice advisories, are implemented within the bank’s cyber environment, ensuring that the IT audit function is an integral part of the bank’s strategy and that the IT audit function stays abreast by constantly applying new technology to protect its information systems.
.
Key words: IT Auditors, IT Risks, Cyberattacks, Risk management, Controls, Banking sector.