|
|
 | ||
| ||
|
|
|
News < Back Sarbanes Oxley : Technology : Survey More than One-Third of Businesses at Risk for Internal Sabotage
According to a recent survey conducted by Jefferson Wells - a global provider of professional services in the areas of internal audit, technology risk management, tax, and finance and accounting - far more companies are conducting technology risk assessments today than in years past. However, almost 35 percent of the companies surveyed have never conducted a technology risk assessment. (See Graph 1). ?It is astounding that more than one-third of the companies Jefferson Wells surveyed has not conducted a technology risk assessment,? said Karl Kispert, solutions director of technology risk management for Jefferson Wells. ?This statistic certainly highlights the fact that these companies may be trying to manage risk without an accurate picture of what those risks really are. Technology risk assessments are key components of risk management, and their integration into enterprise risk assessments is key to identifying the danger zones in your business and effectively managing risk.? According to the Jefferson Wells survey, the strongest motivating factor for assessing technology risk across the enterprise is preventive risk management. Companies now understand that preventing a crisis can be far less costly than recovering from one. And, almost as important as prevention, the survey indicated that companies are responding to regulatory compliance requirements. Nearly half of the survey respondents ranked compliance as the number two reason to identify and remediate risk conditions. When asked to rank the number of security-related concerns by level of their perceived overall risk to the company, respondents cited the following as top concerns: system availability (60 percent); external security breaches - unauthorized manipulation of programs or data (53 percent); confidentiality of data or systems - unauthorized use or disclosure of data (52 percent); regulatory compliance (52 percent); and damage to corporate reputation (52 percent). In addition, the survey also cited that chief information and technology officers, chief privacy officers, chief risk officers and chief information security officers are also increasingly requesting or sponsoring technology risk assessments. The goal of a technology risk assessment is to rank the potential business losses caused by technology?s failure, destruction or exposure of sensitive information. Jefferson Wells offers these steps for companies considering integrating technology risk assessments into their business model. • Identify and confirm business entities and risk areas. • Identify risk factors and scoring thresholds. • Gather perceptions on risk significance across the risk factors. • Prioritize risk areas based on threat/security. • Given the consequence, identify management?s tolerance. • Evaluate the capabilities (culture, organization, policies, processes, systems) to manage the desired tolerance. Regularly scheduled technology risk assessments should be used to update risk management plans and programs to monitor progress of the enterprise?s overall technology risk management program. ?If your business has not performed a technology risk assessment, or if an existing assessment is more than a year old, the time to begin incorporating this into your business model is now,? said Kispert. Jefferson Wells is a global provider of professional services in the areas of risk, controls, compliance and financial process improvement. The firm specializes in internal audit, technology risk management, tax, and accounting and finance. From its more than 45 offices, it serves clients including Fortune 500 and Global 1000 companies, through highly experienced, salaried professionals working from offices across North America and Europe. Jefferson Wells is an independently operating, wholly owned subsidiary of Manpower, Inc. (NYSE: MAN). For more information go to www.jeffersonwells.com. 
|
|
|
||||||||||||
 | |||
| |||
| |||
|
© 2019 Simplex Knowledge Company. All Rights Reserved. | TERMS OF USE | PRIVACY POLICY |
