IT Management: Security, Regulatory Compliance Top Pain Points of IT Pros in 2011
Enterprises have to keep up with the latest regulations and standards to ensure they remain compliant. Noncompliance can potentially shut down the business, as in the case of failing to comply with the PCI (Payment Card Industry) security regulations. Other federal regulations affecting IT management policies, including Basel, Frank-Dodd, PII, Do Not Track, Solvency II and HITECH Meaningful Use, are set to go into effect or be updated in the next year.
IT departments are struggling with more technology and new ways of doing business. ISACA, a global association of more than 95,000 IT governance, assurance and security professionals formerly known as the Information Systems Audit and Control Association, asked its members to list the top business issues they see affecting the enterprise in the next 12 to 18 months. The report looked at responses from 2,400 professionals working in IT, security, audit and assurance, representing 126 countries.
While regulatory compliance, IT governance, information security and disaster recovery remained the top four concerns for IT professionals, other areas were adding complexity and increasing risk. IT departments are worried about data breaches, cloud computing and the rise in the number of consumer devices in the enterprise, according to the report.
"The survey shows more clearly than ever that information technology cannot be managed in a vacuum," Tony Noble, a member of ISACA's guidance and practices committee, told eWEEK, noting that members are implementing more technology to address the concerns and to become more efficient in how they manage risk.
IT managers are aware of the risks the enterprise is facing, but they need to convince senior managers that the issues are urgent enough to commit money to resolve. Senior management is usually willing to pay for solutions if it understands that the cost of doing nothing could be much higher, Noble said.