|
IT Risk Management needs to be treated as a Corporate issue
Organisations that treat IT Risk Management as a technology issue rather than one of corporate importance will leave themselves exposed to a plethora of
problems that could threaten the health of the entire concern. This is one of the key
conclusions to be drawn in new report from Butler Group. The report, ‘IT Risk Management’, says that while
technology support will be required, this is just as much an organisational issue with the
emphasis on putting the right people in the right roles, and giving them the necessary
guidance and authority.
“The consequences of failing to manage IT risks pose a serious threat to any organisation”
says Rob Hailstone, Software Infrastructure Practice Director at Butler Group. “It follows that
IT Risk Management efforts should have senior executive sponsorship and form part of the
broader corporate risk management initiative.”
The increasing complexity of IT systems including their distributed nature, remote and mobile
access, and direct support for access by external users have made risk management both
more critical and more difficult. At the same time the degree of dependency on IT services
has escalated, with many organisations suffering significant financial penalties after only a
short period of unavailability.
Headline incidents detailing the careless loss of sensitive information continue to cause
considerable embarrassment to corporate executives, and increasingly lead to direct or
indirect financial penalties. Additionally, the IT industry still has a long way to go in improving
its track record for delivering IT projects on time and on budget, and that meet the
organisation’s evolving expectations.
The report highlights the need to consider risk management issues from the early design
stage of IT projects and to clearly identify the actual likelihood of different types of risk
occurring and the actual cost to the organisation of any instances. It deals with the business,
organisation, technology, and standards issues that should be considered when planning an
IT Risk Management initiative and the impact that this is having on the market for supporting
technologies and how vendors are responding to the challenges.
Butler Group stresses the fact that the majority of problems that get exposed as IT failures
actually have their roots in people and process failures, and it encourages organisations to
take a systemic approach to risk avoidance as well as adopting appropriate IT technologies
and methodologies. “Only by understanding these variables can the cost of solutions be
balanced against the level of business exposure, and the best-fit solution selected,” says
Hailstone.
(This is press release of Butler Group of 9th Dec 2008)
CLICK FOR SPECIAL SECTION ON GLOBAL FINANCIAL CRISIS
Vast majority of banks lack enterprise-wide view of risk
Outlooks on most banking systems in Asia Pacific turns negative
Greater refinancing risk for Asia-Pacific borrowers
Government measures should stabilize global banking markets
Global banking industry to see more restructuring & consolidation
Indian Banking sector challenged by domestic, not global, factors
Subprime Crisis: A Special
CLICK FOR MORE FEATURES & STORIES
|
|
|