Organisations that treat IT Risk Management as a technology issue rather than one of corporate importance will leave themselves exposed to a plethora of problems that could threaten the health of the entire concern. This is one of the key conclusions to be drawn in new report, just published by Europe’s leading IT research and advisory organisation, Butler Group. The report,‘IT Risk Management’, says that while technology support will be required, this is just as much an organisational issue with the emphasis on putting the right people in the right roles, and giving them the necessary guidance and authority.

“The consequences of failing to manage IT risks pose a serious threat to any organisation” says Rob Hailstone, Software Infrastructure Practice Director at Butler Group. “It follows that IT Risk Management efforts should have senior executive sponsorship and form part of the broader corporate risk management initiative.”

The report highlights the need to consider risk management issues from the early design stage of IT projects and to clearly identify the actual likelihood of different types of risk occurring and the actual cost to the organisation of any instances. It deals with the business, organisation, technology, and standards issues that should be considered when planning an IT Risk Management initiative and the impact that this is having on the market for supporting technologies and how vendors are responding to the challenges.