Increasing dependency on technology has amplified the risk of IT-related incidents
While IT has become increasingly central to business success, many enterprises have not adjusted their processes for IT decision-making and risk management, according to Gartner, Inc.
In addition, increased dependence on the smooth functioning of IT has amplified the business impact of IT risk incidents.
“IT risk has changed,” said Richard Hunter, group vice president and Gartner fellow. “IT risk incidents harm constituencies within and outside companies. They damage corporate reputations and expose weaknesses in companies’ management teams. Most importantly, uncontrolled IT risk dampens an organisation’s ability to compete.”
He cited the examples of a failed software implementation at a pharmaceutical manufacturer that led to the company’s bankruptcy, a data theft at CardSystems Solutions that prompted the company’s two largest customers – Visa and Mastercard – to defect, and errors in a tax-credit management system at the UK Inland Revenue that led the organisation to pay out over £2bn in erroneous tax credits.
“In many companies, it is difficult for business and IT people to exchange information about IT risks in a mutually meaningful way,” said Hunter. “To make effective decisions about IT risk, business executives need to know what happens to the business when technology fails or underperforms.
“Furthermore,” he added, “any IT risk must be understood in terms of its potential to affect all of the company objectives that are enabled by IT. IT risk is too important to be delegated entirely to the IT organisation.”