IT risk management 'must be corporate issue'

11 December 2008

Businesses must address IT risk management at the corporate level, as those who treat it solely as a technology issue risk a "plethora of problems" that could potentially threaten the long-term health of their enterprise, a new report has claimed.

In the paper, the Butler Group argues that effective IT risk management requires "senior executive sponsorship" and an approach that emphasizes "putting the right people in the right roles - and giving them the necessary guidance and authority".

The company adds that the rise of mobile and remote working has simultaneously made it more important and more difficult to secure IT systems. At the same time, the increasing reliance on IT for business means there are "significant financial penalties" if networks are unavailable for even short periods.

Furthermore, high-profile data breaches and the loss of customers' personal details illustrate how failures in risk management can be damaging to corporate reputations.

Rob Hailstone, Butler Group's software infrastructure practice director, said: "The consequences of failing to manage IT risks pose a serious threat to any organization."

The Butler Group is an IT research specialist that was formed in 1990.

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development