Magazine article New Zealand Management

IT Leaps out of the Box: Risk and Reputation: This Year, Organisations Will Find Themselves Challenged as Never before to Make Focused, Strategic, Pervasive Investments in Security. Compliance with Emerging Government Regulation and Continued Security Breaches Now Make Security a Core Business Issue

Magazine article New Zealand Management

IT Leaps out of the Box: Risk and Reputation: This Year, Organisations Will Find Themselves Challenged as Never before to Make Focused, Strategic, Pervasive Investments in Security. Compliance with Emerging Government Regulation and Continued Security Breaches Now Make Security a Core Business Issue

Article excerpt

Security is a vital component of corporate governance. A recent study by the Unisys-sponsored Security Leadership Institute found that while most CEOs understood the consequences of bad security practices, they couldn't articulate the value proposition of good security.

In the study, conducted in late 2004, 25 CEOs in the US were asked questions that focused on results or consequences that result from maintaining a secure environment. Their responses revealed they could see the value of a secure environment as a way to protect brand and reputation. In their minds, superior IT and physical security practices are necessary to achieve organisational trustworthiness in the eyes of customers, employees, shareholders and regulators, and that this was a critical business imperative.

According to the study, organisations that attain a high-trust status achieve real advantages--improved employee productivity, better customer loyalty, more product or service innovation, fewer failures and decreased compliance risks.

Any organisation seeking to achieve the "trusted enterprise" ideal must make risk management an integral part of business strategy and create secure environments that promote collaboration. For these companies, investment in security is an absolute necessity. According to industry analyst firm Gartner, organisations spend 0.4 percent of their company's revenue on security, and Gartner has predicted that spending will increase tenfold, to four percent of revenue, by 2011.

The "trusted enterprise" is an organisation embracing a set of corporate values and behaviour that guide all business practices. It is highly ethical and treats its customers, employees, partners and shareholders with respect. In addition, the CEO and board are deeply engaged in managing the organisation's operating risk in a way that delivers maximum value in a safe and secure environment.

As organisations increasingly include external parties in their business networks, the likelihood grows that these organisations' IT infrastructures and associated business information may be compromised. This makes being a trusted enterprise a vital goal if the business is to grow and prosper.

To help companies achieve this, systems should be introduced that allow them to segregate information and introduce robust business processes so that transactions can be audited and responsibility can be assigned to individuals. For a system to do this it must provide visibility throughout an organisation, so that business management systems, processes and technology infrastructure meet the needs of the overall business strategy and remain aligned with the governance standards as these are defined. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.