Snap polls reflect questions posed by members of the Celent Executive Panel, a group of C level executives in the insurance industry. This question came about from a member who was looking for insights and advice around multi-factor authentication. This deck provides a summary of the responses to a Snap Poll conducted in August 2022 . 31 insurers responded to this survey.

If you are an insurer and are interested in participating and receiving these snap polls, please email kcarnahan@celent.com to verify eligibility.

The question that was posed was:

·Do you outsource your audit process for IT and cyber security or conduct it yourselves?

·If you have internal auditors that conduct IT and cyber audits

oHow many employees have you trained?

oWhat part of the organization did these employees come from? E.g. what sort of skill level/background have you found to be most effective?
Did you train them yourselves or use an outside organization to train them?

oIf an outside organization, who have you found that provides the best training of IT & Cyber auditing to non-IT auditors?

oHow effective do you think insourcing is?

oWould you recommend others do this themselves or would you recommend outsourcing?

·If you are outsourcing (or co-sourcing) IT and Cyber security general control audits

oWhat are the typical audits that you are outsourcing?

oWhat companies have you used?

oHow satisfied are you with the results?

oWould you recommend others outsource?

·Do you have any other thoughts or advice that might help this insurer as they think about whether to outsource or insource their cybersecurity and IT general audits?