ChannelLife UK - Industry insider news for technology resellers

Audit reform urged to strengthen UK's digital resilience

Thu, 17th Apr 2025

ISACA and the Chartered Institute of Internal Auditors (CIIA) have sent a letter to the Secretary of State for Business and Trade, urging the Government to introduce audit reform legislation to strengthen the UK's digital resilience.

The letter, addressed to Jonathan Reynolds MP, highlights concerns over the delayed progress of the Audit Reform and Corporate Governance Bill, which was outlined in the King's Speech last year but has not yet been published. ISACA and the Chartered IIA stress that timely legislation is necessary to address growing risks associated with cyber security.

The coalition behind the letter includes organisations and individuals from across the cyber security and corporate governance sectors. Signatories comprise CEOs from Airmic, CREST, Sheffield University's Audit Reform Lab, the Chartered Governance Institute UK & Ireland, CompTIA, IASME Consortium, the National Preparedness Commission, NEDonBoard, and ShareAction. Notable individuals also signed the letter: Sir Donald Brydon; the Rt Hon Baroness Neville-Jones; Ciaran Martin, former CEO of the National Cyber Security Centre; Dr Vladlena Benson MBE, Professor and Director of the Aston Centre for Cyber Security Innovation; and Adrian Jolly, Co-Founder of the Institute of Corporate Resilience.

The coalition emphasised the need for the UK Government to act swiftly, referencing recommendations made by Sir John Kingman in 2018 and Sir Donald Brydon in 2019, specifically the need to expand the powers of the Financial Reporting Council, the UK's audit regulator. The letter further calls for larger UK companies to be required to report not just on financial resilience but also on resilience to digital risks.

According to the Government's Cyber Security Breaches Survey 2025, 43% of UK businesses suffered a cyber breach or attack within the past year. Over the last five years, UK businesses have lost more than £44 billion to cybercrime. Additionally, 58% of cyber professionals believe their organisation will experience a cyber-attack in 2025.

The letter acknowledges the Government's current efforts to improve digital resilience but notes that other jurisdictions such as the US, EU, and Asian countries are moving ahead with similar reforms. The coalition warns that delays in UK audit reform could undermine investment and digital governance, creating economic risks.

Chris Dimitriadis, Chief Global Strategy Officer at ISACA, explained: "Our letter to government stresses that legislation and reform is long overdue. Failure to prioritise audit reforms will have a catastrophic impact on digital resilience leaving our vital infrastructure and businesses vulnerable to regular technological disruptions, including by malicious attacks and threats. This will have major implications for the economy, as well as on privacy and data protection.

"But alongside legislation, we must prioritise skills. The digital sectors including cyber, audit and privacy are plagued by skills gaps and understaffing. In fact, ISACA's latest State of Cyber study finds that 40% of cyber and IT professionals feel that their job has become more stressful today than it was 5 years ago due to their teams being understaffed. This is having a real impact on businesses' ability to protect themselves."

Anne Kiem, Chief Executive at the Chartered IIA, said: "We have witnessed multiple corporate failures connected to audit and governance deficiencies since the collapse of Carillion, with some of these companies completely lacking any internal audit capability. To tackle this, the Government needs to publish the long-awaited Audit Reform Bill and bring forward proposals for larger companies to publish Audit and Assurance Policies and Resilience Statements. This will drive growth and foster responsible risk-taking but also enhance digital resilience in an increasingly digital world."

ISACA has highlighted that malicious actors are increasingly exploiting emerging technologies to identify system vulnerabilities and conduct more sophisticated cyber-attacks. Preliminary findings from upcoming research by ISACA indicate that more than two-thirds of European IT professionals are concerned about the potential for quantum computing to break existing internet encryption standards before new post-quantum cryptography can be widely adopted.

Dimitriadis commented on these risks: "Digital transformation, driven by AI and cloud computing, has increased dependence on digital systems. One outage or breach can compromise entire networks, disrupting public services, threatening jobs, and weakening investor confidence. We've seen this in high-profile cases such as last year's CrowdStrike outage.

"It's clear that rapid developments in AI and quantum are creating fresh challenges for digital resilience, highlighting the urgent need to bolster our defences. ISACA are looking forward to working closely with the UK government to build a digitally resilient future."
