This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Print page

IT Risk effectiveness

The number, scale and complexity of IT risks facing organisations continues to grow underscoring the importance of managing IT risk effectively. Failing to manage these risks can lead to embarrassing and costly incidents such as the loss of sensitive data, failed software upgrades or revenue misstatement where computer applications fail to operate correctly. As a result of these types of incidents, executive management are increasingly aware that IT related risks can result in very large costs to an organisation‟s bottom line and reputation.

Within the financial sector it is often the role of IT Risk functions in combination with Operational Risk, Security and other Compliance functions to report, manage and mitigate these risks, whilst setting policy and ensuring/monitoring appropriate governance and control over technology.

Why is it an issue?

What is an issue? IT Risk effectivenessMany organisations already have existing and significant spend on activities to manage selected IT risks - information security programmes, regulatory compliance, business continuity, SOX, incident management solutions, project risk, IT internal audit and IT governance committees for example. However, the effectiveness of this expenditure is often challenged when mistakes are still made.

IT risks continue to evolve with threats becoming ever more sophisticated and difficult to mitigate against. This, in addition to the ever increasing regulatory focus means the role of IT Risk functions within organisations is evolving rapidly, with ever more expectation on the assurances and services they provide.

Our services

We assist our clients by:

  • Benchmarking of technology risk management functions and processes against recognised good practice and industry peers
  • Establishing and refreshing technology risk management frameworks, including control rationalisation, design and implementation
  • Implementing process improvements to technology risk functions, ranging from incremental enhancements to existing processes through to large scale change
  • Utilising tools to manage delivery of technology risk management and demonstrate compliance requirements from a single source.

Heads of IT Risk Survey

Heads of IT Risk Survey

As IT Risk functions emerge, evolve and mature, what are the common practices? This survey seeks to produce a snapshot of IT Risk.

Key contacts

David Bettesworth David Bettesworth
Enterprise Risk Services

Andrew Johnson
Enterprise Risk Services

Share this page

Email this Send to LinkedIn Send to Facebook Tweet this More sharing options

Get in touch

More on Deloitte