IT Managers are under heavy pressure to assess IT risks and promote
the emerging concept of IT governance following Stock Exchange
regulations that came into force last December.
The Combined Code regulations, which come in the wake of the
Turnbull Report's call for the disclosure of internal company
controls, make companies liable if they do not assess the business
risks of systems to the enterprise.
Some company directors have over-reacted, calling for extraneous
audits and disaster recovery plans as they realise that IT-related
risks fall within the new rules, delegates said.
The conference heard that to begin closing the gap between IT and
corporate governance, IT managers need to formalise their
IT-related risk assessment and monitoring, and streamline it to
avoid bureaucracy.
This includes ensuring effective information security management
and business continuity management processes, and defining the
value of IT to the business.
The conference also heard how the IT Governance Institute is
promoting best practice in this area.
www.itgovernance.orgJohn Riley