Furthermore, 64% of IT professionals believe the risk culture at their organization is only moderately effective or not effective at all.
“We are deeply concerned by the lack of importance being placed on managing IT risks. From these results, it is clear that Australian organizations aren’t adequately prepared,” said Paras Shah, founder and principal consultant at Vital Interacts.
Key findings show:
- 71% of respondents think Australian business teams lack awareness that IT risk management is important to attain business process goals and targets.
- 89% believe that IT risk management activities are generally perceived by business stakeholders as a compliance burden, whether external or internal.
- 23% identified a “major IT-related failure event” as one of the main drivers for their organization to manage IT risks.
- 26% indicated their IT risk management programs focused too much on IT security risks, rather than considering all IT-related risks.