itb-nz logo
Story image

ISACA survey shows IT business problems

08 Aug 2012

ANZ technology decision makers reported staffing issues, security breaches and business disconnection as major concerns within the industry.

Over half of ANZ technology decision makers reported a lack of IT staff in their organisations within the past year.

In a survey released from global IT association Information Systems Audit and Control Association (ISACA), the report says 54% of respondents had experienced IT staffing shortages with project over-runs also raising concerns (57%).

Nearly half of IT professionals (48%) also indicated a disconnection between the IT and business strategies with 29% noting their enterprise had experienced a security breach since last year, and 10% a privacy breach.

The consequence of such IT-related problems is customer dissatisfaction, reduced to 48% with company reputations subsequently damaged by 23%.

“The demand placed on IT departments continues to broaden and deepen as executives require IT professionals to act as key business partners and enablers of the organisation's strategy,” says Vaughan Harrison, ISACA Wellington president.

“These changes require IT leaders to continually refine their role within an organisation, ensuring the IT department understands its responsibilities and has both capability and capacity to meet the increased business needs.”

ISACA forecasts data leakages (19%), human error (17%) and employee devices (15%) to be the biggest challenges in combating network security for organisations.

Cloud computing (12%) and cyber attacks (11%) ranked lowest in terms of the most likely challenge to a network’s security.

“Data supports and enables an organisation's operating model,” Harrison says.

“The amount and variety of data that is collected continues to grow and provides enterprises with a valuable intelligent asset.

“However, data must be secured appropriately to prevent the realisation of any competitive advantage, privacy and reputational risks.

“Data needs to be managed through an enterprise wide information security framework that considers strategy, structure, people, process and technology.”