A survey by Business Technology Optimisation (BTO) software
and services company Mercury has found that IT business risk is
running at an unacceptable level, especially within business in the
UK.
The top line finding of the survey of 1,077 IT executives in 22
countries is that a focus on IT cost and time has increased IT
business risk. As a result, change management was not being
implemented effectively.
Mercury says that IT business risk differs from conventional
definitions of IT-related risk, which focuses on security threats
from viruses and hackers, and disasters from fire or terrorism.
Instead, it regards IT business risk as referring to risks arising
from the failure or under-performance of a company’s IT systems
that result in negative business outcomes.
The survey suggests that two fifths of firms in Europe believe that
IT business risk is not managed in a coordinated way, in their
company. For the UK, this feeling applied at a third of firms. Just
over half of all European firms believe that no more than 50% of IT
initiatives in the past two years have had positive business
outcomes.
According to Mercury UK and MEA head James Stevenson, there is an
important lesson for UK firms. He says, “when assessing the impact
of risk at UK firms, there seems to be a greater focus on cost
rather than thinking that if a project doesn’t go well, what’s the
potential impact on revenue or on our customers.”
To address such concerns and reduce IT business risk, Mercury
advises that firms automate change control. It says that firms
should deploy technology that manages all change requests in a
single system of record; get full visibility of all change impact
and collisions; make change decisions and approvals based on
business impact; track and audit all change requests, decisions and
deployments; manage changes from request through deployment