​The Internet of Things: Risks and Opportunities

Internal Auditor’s latest winning scholarship essay examines risks and opportunities associated with the interconnectedness of physical devices.

Comments Views
William Taylor

As technology evolves and becomes an integral aspect on a global platform, organizations must also evolve to become more efficient and effective and to gain competitive advantages. The concept of the Internet of Things (IoT) allows organizations to do just that. IoT can be defined as “any objects that contain networking and computing elements and communicate with other objects over a network” (Tysiac, 2015). The application of the IoT can benefit organizations in many ways; however, IoT is accompanied with numerous risks such as security, privacy, and data management challenges. In addition to organizations acclimating to the IoT, auditors must become educated with this new technology and understand the complexities that are associated with it (Salman, 2015).

The applications of the IoT can greatly enhance the operations of organizations by utilizing technologies such as radio frequency identification, wireless sensor networks, middleware, and cloud computing. These tools allow organizations to monitor and control data, perform business analytics, and share information among people and technology. Organizations of any industry can benefit from the utilization of IoT related technologies. For example, retail organizations use point-of-sale technologies to complete transactions and store data and healthcare providers are able to maintain better records of patients and create personalized care which can reduce adverse events (Lee & Lee, 2015).

The IoT offers great opportunities for organizations; however, the associated risks are numerous. With data collecting, storing, and transferring, security and privacy become top priorities for organizations. “Seventy-two percent of global IT and cybersecurity professionals surveyed by ISACA say there is a medium or high likelihood that an organization will be hacked through an IoT device” (Salman, 2015). Along with security risks, data management becomes a challenge due to the massive amounts of data collected. Organizations have to prioritize data collections and/or backup pertinent data as needed (Lee & Lee, 2015).

As with organizations, internal auditors must evolve as technologies are integrated into an organization’s operations. Knowledge of IoT devices and an understanding of the risks associated with IoT tools allow internal auditors to advise management on how these tools can benefit the organization such as competitive advantages and agility. “Internal auditors should evaluate the operational and financial risks that IoT can expose their organizations to and provide assurance that those risks are controlled appropriately” (Salman, 2015).

In conclusion, the IoT presents many opportunities and risks to organizations. Management and internal auditors have to become knowledgeable with IoT tools to successfully implement and control these technological advancements. “The true value of the IoT for enterprises can be fully realized when connected devices are able to communicate with each other and integrate with vendor-managed inventory systems, customer support systems, business intelligence applications, and business analytics” (Lee & Lee, 2015, p. 431).

Works Cited

Lee, I., & Lee, K. (2015). The Internet of Things (IoT): Applications, investments, and challenges for enterprises. Business Horizons, 58(4), 431-440.

Salman, S. (2015, October 29). Auditing the internet of things: the rise of internet-connected devices and systems bring both new opportunities and risk for modern organizations. The Institute of Internal Auditors. Retrieved September 8, 2016, from https://iaonline.theiia.org/2015/auditing-the-internet-of-things.

Tysiac, K. (2015, January 28). How to manage risks connected with the “internet of things.” Journal of Accountancy. Retrieved September 8, 2016, from

Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to remove comments.

Comment on this article

comments powered by Disqus
  • AuditBoard_Pandemic_May 2020_Premium 1_
  • Galvanize_May 2020_Premium 2
  • IIA CERT-Online Proctering_May 2020_Premium 3