Do you feel that IT risk management is a burden on your organization? If so, you might be buying into a belief that is hindering your company. Hamish Barwick of CIO.com writes that 89% of IT professionals in Australia view IT risk as a compliance burden. A startling 60% say that IT-related risks are not managed effectively, and 23% say they wait for a major IT-related failure to manage their risks.
Another common problem was too much emphasis placed on information security and not enough on other areas. A weak risk culture opens organizations up to inappropriate decisions in strategy, programs, and operations. However, an organization with a mature risk culture is able to better achieve and also protect their objectives.