Technology a risky business, say IT managers

30 Nov 2006

Concerns about risk are preventing Irish businesses from taking advantage of new technology, new research has revealed.

This is higher than the European average with 100pc of Irish businesses expressing risk-related worries compared with 80pc of European companies. The research, carried out by Freeform Dynamics on behalf of CA, polled 715 senior IT managers in Europe and the Middle East, with 20 respondents being senior IT managers in Irish enterprises.

Despite the fact that technology plays an increasingly important and strategic role within many businesses, IT-related risk isn’t managed accordingly. In many cases, IT managers and professionals aren’t involved in general business risk management planning.

More than 60pc of respondents said that risk was considered ‘broadly’ across their business but senior IT management said they were only involved in discussions about risk requirements at a business level around 30pc of the time. In Ireland, fewer organisations (50pc) look at risk in the same way and the 30pc said that IT personnel took part in risk discussions.

The top concern cited by respondents was loss of critical business information and operational downtime as a result of system failure; 95pc in Ireland and more than 90pc of businesses Europe-wide consider these issues in planning, with over 60pc saying they are a major concern.

Irish organisations seem more aware of data protection and compliance issues that their European counterparts. Every IT manager here said that illegal use of confidential information is a “major risk consideration” during planning whereas the survey average was 88pc. Similarly, all of the Irish respondents said that legal and regulatory compliance and the need for traceability should be addressed with IT, as against 80pc of the total.

The numbers were closer for managing data backup and recovery, with 65pc of Irish IT personnel (60pc average) saying that the proliferation of data across locations makes these tasks a challenge.
The average level of confidence in the safety of critical data distributed in this way is under 70pc (58pc).

Findings from the research also highlighted the need for continued improvements in information management in most of the businesses surveyed. Two thirds of Irish respondents (65pc vs 55pc of) have no overall risk management budget for the business or IT. In both cases 30pc involve senior IT management in discussions about business risk despite IT risks being front of mind.
According to CA, this finding highlights the need for a more co-ordinated approach to risk management .

Frank Kennedy, Ireland country manager with CA, said that for 55pc of organisations across EMEA not to have an overall risk management budget for the business or IT was “fairly staggering”. He also noted the low involvement of senior IT management in discussions about business risk.

“This disconnect will continue to drive a wedge between the business strategy and the IT strategy, undermining or even preventing the business from competing or evolving in their market,” Kennedy said. “Businesses need to recognise IT’s contribution to the execution of the business strategy and manage risk evenly across all arenas.”

Kennedy advised organisations to invest in flexible, integrated technologies that address a range of issues including security, storage and compliance. “This strategy is usually a business enabler, allowing a business to respond effectively to changes in market demands while not compromising the integrity and availability of mission-critical company data,” he said.

By Gordon Smith