IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
internet of things
#
work from home
Search
Story image
#
IoT
#
NDI
#
Risk Management
No place to hide from failure to manage IT risks
Tue, 2nd Jun 2015
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

Are IT professionals with organisational and broader societal responsibilities doing enough to back up the need to manage risk?

That's the question from Alan Rodger, analyst from Ovum, who says that the world around us is ever more complex and connected at almost every level, and as result IT's responsibilities are strongly in the spotlight.

Rodger says that in many areas of IT, the obvious potential or actual impact of risk has brought about better focus on the important issues. “For example, cyber-security now has ubiquitous board-level attention, and has brought realignment to the IT security sector,” he says.

“In addition, business continuity is more often addressed at a high level, having matured from relying on ‘hot' technology swaps. Project risks are also usually better recognised and managed, and the scale of historical disasters more often avoided.

However, Rodger says there are numerous areas in which there is much more that should be done within many organisations: •    Supply-chain risk associated with as-a-service delivery (especially where individuals are allowed to adopt software usage via shadow IT). •    Security being built into all levels of software, and being visible, within development and other software lifecycle processes. •    Failure to treat as strategic the use of services such payments systems, which Ovum research has identified may be chosen over integration capabilities as a result of developer choice, rather than an analysis of process-level issues and due diligence. •    Lack of an architectural approach to IT-related change, which can lead to failure to address risks early and can drive up the resulting cost.

Rodger says IT is so central to business operations and processes that risk management in IT is a critical enterprise capability. “IT managers must honestly evaluate weaknesses in their approach to managing risk, across all their capabilities and services (home-grown and bought-in), and must focus attention and investment to make improvements first in areas that could allow any substantial damage,” he explains.

“Unless this is done, the prospect of damage avoidance, and of success in maximising the organisation's benefit from technology opportunities (particularly those upcoming, such as the Internet of Things), is likely to be substantially reduced.

The reward of IT's high profile is a place in the spotlight, but where light shines things can be seen better, Rodgers says. “Risk is also much higher profile than ever before, and there will be no place to hide if anti-risk measures that should be taken in the IT domain are left until unfortunate headlines are made and an inquest is being held.

Related stories
Microsoft, Siemens unite to streamline IoT & digital twin tech
CommScope launches AI-driven RUCKUS suite for hospitality sector
BlackLine appoints Jeremy Ung as new Chief Technology Officer
Smart Water Meters set to revolutionise Australian utilities
Can misconceptions derail the effectiveness of operational resilience?
Top stories
Half of online traffic in 2024 generated by bots, report finds
How AI is pushing the financing sector forward
Cisco launches Hypershield for AI-driven security upgrade
Axis unveils hybrid cloud platform for adaptable security solutions
Spirent partners with online payments platform to boost cyber defenses