One of the purposes of Ethiopian Information Systems Audit Association establishment

In the place where the world and economy are dramatically linked, the Ethiopian government announced a Digital Ethiopia 2025 strategy in June 2020, just ahead of the global spread of Covid-19.

As a result of the strategy, several digital transformations were implemented.

To name some of the major transformation initiatives, such as the opening of the Ethiopian Information Network Security Agency (INSA), the Ministry of Trade and Regional Integration (e-commerce), the new Aberhot (Enlightenment) Library, one of the top ten libraries in Africa, the opening of the headquarters of the Ministry Ethiopia's defence and the deployment of the National Identification Service are among the important activities. We will soon witness the launch of the Grand Ethiopian Renaissance Dam project, which is expected to produce 700 megawatts of electricity this year.

The pace of digital transformation is so rapid that, if digital assets are not secured, cyber-attacks can arise. I'm not saying that Ethiopia doesn't have its own defence mechanism against digital assets, but I'm wondering how much work has been done to build cybersecurity awareness, especially among government officials. In addition cybersecurity awareness is essential when state-sponsored criminals are actively involved in service interruptions and extortion.

Ethiopia needs to start developing capacities within organizations, government institutions and technology professionals to create a secure environment and unlock the positive potential of the technology.

That is why the Ethiopian Information Systems Audit Association was established to provide knowledge transfer and raise awareness of cybersecurity with Ethiopian government agencies. With rapid technological development and ever-changing IT threats, effective cybersecurity training is a key component for organizations to align the right knowledge with the right individuals at the right time. Cybersecurity awareness helps to minimize information systems risks and prevent fraud, data loss, or brand reputation.

Since awareness is the first step forward, continuous education is a key element in educating organizations and individuals about cybersecurity. Self-assessments, internal and external audits are some of the key tools for improving any organization's internal controls and systems. Information systems auditing is an important tool that provides credibility, efficiency, and compliance, and provides an organization with confidence that vulnerabilities and deficiencies in the organization's internal systems have been discovered, documented, tested, and resolved.