888-448-5451 [email protected]

2022 Audit Plan Hot Spots

For business executives

The pandemic brought about a lot of changes for businesses that executives were not expecting, in any way shape or form.  No one could have prepared for what came because that is how unexpected it was for the whole world, but everyone did their best. Now that post-pandemic aspects are settling in (so to speak), plans for 2022 begin to take place and audit hot spots are on the agenda. 

For business executives who want to start taking a look at the top items you want to plan for in 2022, we have Gartner’s 12 item list.


2022 audit plan hot spots


  • Ransomware
  • Data and analytics governance
  • Digital business transformation
  • IT governance
  • Third parties
  • Business continuity (BC) and organizational resilience
  • Environmental, social and governance (ESG)
  • Supply chain
  • Strategy execution
  • Workforce management
  • Retention and recruitment
  • Economic uncertainty


As you can note, ransomware tops the list for 2022 audit plan hot spots.  We recently posted on NCX Group’s YouTube channel the SonicWall finding that ransomware increased 151% in the first half of 2021, so it is not surprising to see this cyber risks as number one out of twelve items to prepare for.

When you note the long-term affects of the pandemic and the increase in ransomware, it’s evident why the other key areas for audit planning involve societal expectations such as ESG risks and BC and organizational resilience. 

If you are offline, you are not conducting business. 

If you are offline, you can’t reach your customers or employees.

If you are offline, you won’t make it economically speaking in 2022.

If you are offline, you are that: ‘OFF’ ‘LINE’.

In today’s world, where lockdowns are still being discussed, this means you are not connected to anyone or anything if you are offline.  You can’t reach clients, employees, providers, partners, any of your data, and so forth. 

All that a business does is ONLINE now and those who are not embracing the online world are failing and closing up shop.

The caps are being used to make a point that business executives have been questioning since cybersecurity became a “thing”:  Why would a hacker, attack my business? What do I have that they would want?  We’re not a big business or someone famous or anything “special”?

The answer to the question, our CEO Mike Fitzpatrick, gives a very simple and straightforward answer to it every time it is asked: Your business data is what you have, and it is what they want. 

Whether a business fails or succeeds is not of a cyber criminal’s concern.

Gartner’s report goes on to explore how ransomware attacks have become prevalent and more complex, which is why they have become the focus for the C-Suite, boards, and management.

Due to the hybrid workforce and work environment post-pandemic, digital and IT risks have grown exponentially.  This is why you see data and analytics and IT governance as part of the audit plan hot spots.

For some guidance on what to do next, in an effort to plan for 2022 audit hot spots:

Make sure you evaluate and invest in cybersecurity awareness training.

Get a security assessment, one for your cloud environment too.

Review your incident response and business continuity plans. 

Make sure to include ransomware in these plans and to take a look at your vendor risk management processes.

Have a 360-degree cybersecurity posture for the diverse risk landscape.

Reach out if you need any support, for NCX Group provides all the above services through our cybersecurity experts team and our own cybersecurity awareness training program, cloud security tools, and so forth.

Schedule a time to talk to one of our experts here: https://calendly.com/ncxgroup