IT Management: Security, Regulatory Compliance Top Pain Points of IT Pros in 2011

 
 
By Fahmida Y. Rashid  |  Posted 2011-05-09
 
 
 

Regulatory Compliance

Enterprises have to keep up with the latest regulations and standards to ensure they remain compliant. Not being compliant potentially can shut down the business, as in the case of failing to comply with the PCI (Payment Card Industry) security regulations. Other federal regulations affecting IT management policies, including Basel, Frank-Dodd, PII, Do Not Track, Solvency II and HITECH Meaningful Use, are set to go into effect or be updated in the next year.

Regulatory Compliance

Top Compliance Concerns

The ISACA survey showed 85 percent of the organizations were worried about the segregation of duties and privileged-access monitoring. Companies are trying to become more efficient in how they manage various compliance rules.

Top Compliance Concerns

Enterprise-Based IT Management and Governance

Organizations are concerned about managing IT project risk, aligning IT strategy with the business mission, and adhering to generally accepted security and control practices.

Enterprise-Based IT Management and Governance

Information Security Management

After so many well-publicized, recent data breaches and losses, as well as information leaks and data-theft Trojans, its not surprising that organizations are concerned about information security.

Information Security Management

Lack of Senior Management Involvement

Near 80 percent of the survey respondents said the lack of senior-management involvement in setting direction for information security was important or very important. If organizations dont get top-down commitment to security, IT departments wont be able to effectively protect the organization from threats.

Lack of Senior Management Involvement

Disaster Recovery/Business Continuity

From flooding, power outages, natural disasters and acts of terrorism, all businesses are vulnerable to disruption. Businesses have to consider what the costs and risks are, and establish a disaster-recovery plan.

Disaster Recovery/Business Continuity

Managing IT Risks

A majority of enterprises do not understand that they are also in the business of managing risk, including information risk. There is a significant lack of awareness about IT risk.

Managing IT Risks

Regulatory Compliance - Page 8

Vulnerability ManagementManaging unauthorized access is becoming a priority for almost all companies. Enterprises need to enhance the security of their systems with technology to prevent and detect intrusion.

Regulatory Compliance - Page 8

Continuous Process Improvement and Business Agility

Enterprise success depends on establishing capabilities and infrastructure to continually improve business processes and implement change. Businesses are now rethinking their development practices and automation processes.

Continuous Process Improvement and Business Agility

Rising Concerns

While they didnt make the top 7, businesses are ranking cloud computing, mobile-device management, virtualization and business intelligence high on their lists of IT concerns.

Rising Concerns

Rocket Fuel