Print Edition
September 2010 
|
|
|
|
|
|
|
Managing Information Technology Risk |
« Back
|
|
Muazzin Mehrban, April 2009 |
|
Page 2 of 2 |
|
IT strategies need to evolve constantly, as the demand for data is now greater than ever. The global reliance on electronic processes and data systems renders any interruption in accessing vital information, even for a brief period, as an almost unacceptable risk. “IT departments should be consistently looking at their current environment and evaluating the architecture against future organisational needs and emerging threats and requirements. Based on availability requirements, companies must consider how to provide and sustain robust, resilient enterprise information resources and communications based on an efficient, effective, reliable and recoverable information technology infrastructure,” says Mr Perlman. He stresses the need for IT companies to consider the outlook for the next three to five years.
The scalability and resilience of new strategies must also be a considered. “Companies need to consider critical upstream and downstream dependencies, and interdependencies, associated with key business applications, external stakeholders, and supporting infrastructure,” says Mr Perlman.
From this, asset owners can discern and consequently mitigate risks that fall within their control.
Looking forward, companies need to appreciate the significant role that IT systems play in corporate strategy. Indeed, businesses should already recognise the damage that a software failure could have on their trade. Planning for worse-case scenarios, such as complete system failure, and having contingency procedures in place, can dramatically increase the speed of recovery. Appointing board members who can apply specific expertise will further reduce the downtime period. But too few companies prioritise information risk. More time should be spent developing systems and keeping them up to date. If all companies were to perform an audit of their current risk management practices, the majority would discover a number of gaps and loopholes that expose them to third parties and could be hurting their operational performance. At a time when operations are already stretched, businesses cannot afford to incur further, avoidable losses due to loopholes and downtime.
|
|
|
|
|
= requires subscription
