Tech and Crypto Risk: What Auditors and CISOs Need to Know in 2025

Logo

GNAW Resources

IT: Risk. Control. Assurance.

Guiding your business through audits, migrations, and transformations

with clarity, compliance, and confidence

LATEST

‹ Back

Tech and Crypto Risk

Why the Public Company Accounting Oversight Board (PCAOB) Agenda for Nov 5 Signals Tech and Crypto Risk Under the Microscope

In a recent news release, the PCAOB announced the agenda for its forthcoming meeting of the Standards & Emerging Issues Advisory Group (SEIAG) scheduled for November 5, 2025. The agenda is notable because two core segments focus explicitly on: (1) Technology: Artificial Intelligence, and (2) Technology: Cryptocurrency.

Implications:

For IT Audit and Technology Risk teams, this indicates the audit regulator is placing emerging tech risks (AI, crypto) on the radar of audit standards and industry oversight. It suggests that audit firms and in-house audit/IT risk groups need to ensure their frameworks anticipate these topics.

From a SOX/IT-SOX standpoint the controls over AI systems (decision logic, data integrity, bias) and controls around crypto assets (wallets, custody, transaction logging) may attract heightened scrutiny. Auditors may need to assess whether organisations have appropriate risk assessments, governance/oversight over AI and crypto, clear audit trails, defined metrics for system performance/accuracy and similar.

For consulting & advisory there’s a differentiation opportunity, help organisations prepare for this "next frontier" of audit and regulatory attention. Whether it’s readiness for AI governance, or establishing controls around crypto-asset exposures, this will become a differentiator.

Key Take-aways

Perform an audit readiness review of your AI/crypto control environment. Are there clear ownership/responsibility lines? Is your audit committee aware of the evolving risk profile?

Map your control gaps! AI systems often fall between IT, data science and business units, audit coverage may be weak. Crypto assets may be sitting under treasury or finance; ensure IT/audit have visibility.

Update your risk-assessment frameworks to explicitly include "emerging technology" exposures. Make these part of your next IT risk workshop or audit planning cycle.

Building Assurance Through

Risk Based Decisions

Stay informed with the latest updates, analysis, and expert commentary from GNAW Resources, your partner in IT Risk Assurance and Audit Readiness.
We deliver practical, results-driven solutions to strengthen governance, controls, and compliance across complex technology environments.

Our focus areas include IT Risk Management, IT General Controls (ITGC) Reviews, Audit Preparation and Mitigation, and Control Planning for Cloud Migrations and Transformations.

With extensive experience in IT SOX compliance, security frameworks, and global assurance standards, our team helps organisations stay audit-ready, secure, and confident in every review cycle.

Empowering leaders to make informed, risk-based decisions that’s the GNAW Resources commitment. A community of forward-thinking professionals taking a smarter, stronger approach to technology risk.