A recent article over on Supply & Demand Chain Executive that summarized a survey by the Information Systems Audit and Control Association (ISACA) that found that the top three concerns of IT professionals were:
- regulatory compliance
- enterprise-based IT management and governance
- information security management
It’s kind of surprising that information security management is third and not first on the list given the headlines that come from breaches in security, such as the recent Sony PlayStation Network breach. Regulatory compliance is important, as it can result in fines for failures, but breaches are more costly, once the damage to the brand and the lawsuits are factored in.
I was a little surprised to see enterprise based IT management so high on the list. It’s an important topic, but given recent disasters, I would have expected diaster recovery and business continuity, #4, to take its spot, as IT management is a never ending issue and rarely overlooked by CIOs and CTOs, even though they might no always find the time to get it where they want it.