MENLO PARK, Calif. – Oct. 17, 2011 – New and complex information technology (IT) risks and changing business priorities challenge today’s IT leaders, according to a new survey from Protiviti (www.protiviti.com <http://www.protiviti.com> ), a global consulting firm. The results of the study reveal six areas of priority for CIOs and their organizations: information security and privacy; virtualization and cloud computing; social media integration; data classification and management; regulatory compliance; and vendor management.
Protiviti’s inaugural Information Technology Capabilities and Needs Survey (www.protiviti.com/ITsurvey <http://www.protiviti.com/ITsurvey> ) identified top areas of concern for IT leaders based on competencies they cited as most in need of improvement. More than 200 IT professionals – including chief information officers, chief technology officers, chief security officers, and IT vice presidents, directors and managers – participated in Protiviti’s study.
“With the rapid rise of technology in business operations during the past decade, IT departments have been called upon to deliver a much broader array of services and solutions for their companies,” said Kurt Underwood, managing director and head of Protiviti’s IT consulting practice. “Expectations continue to rise dramatically for the IT function to support new technologies, such as mobile devices and social media platforms that can be integrated with existing corporate systems, as well as the pervasive accumulation of sensitive data at multiple locations worldwide.”
The Protiviti 2011 IT Capabilities and Needs Survey asked participants to assess their skills and professional development priorities through more than 100 questions covering three major categories: technical knowledge, process capabilities and organizational capabilities. Protiviti also offers insights about the areas that IT leaders expressed the most concerns about, including:
- Social media applications and sites such as Facebook and Twitter have exploded in popularity in the past few years and new social media sites are coming online at a rapid pace. Some firms have vague or out-of-date social media policies in place that are unenforceable if inappropriate activity occurs.
- Monitoring and achieving legal and regulatory compliance ranks high among IT leaders as an area in need of improvement. The volume and pace of regulatory change has been significant in recent years, and there are a number of regulatory issues that require IT involvement, including Dodd-Frank, Sarbanes-Oxley, Basel II, Solvency II and PCI-DSS. “IT must be an active part of compliance management, which typically involves developing, implementing or integrating tools and platforms to achieve active compliance and risk management,” said Underwood.
- For every law and regulatory requirement, the company must also ask: What portion of my data does this affect? How do I classify and manage this data in accordance with the law? It also is important to note that, as a byproduct of the proliferation of new and emerging technologies, there are rapidly growing volumes of data being generated daily. By ranking, managing and classifying this data as a top “Need to Improve” competency, respondents may be saying they and their organizations are having difficulty understanding the increasingly complex regulatory landscape and how to comply with various new laws.
- With more and more organizations transitioning to virtualized solutions as well as applications and activities in the cloud, external service-level agreements (SLAs) with an array of third-party vendors and other providers are a key concern for IT executives, according to the study. Similarly, determining a sound strategy and approach for outsourcing and off shoring are another critical area of focus, particularly given that many companies continue to seek innovative ways to save costs. However, many of these organizations lack clarity or direction about how to accomplish this effectively while continuing to deliver a high level of service and maintain compliance with company policies, applicable laws and regulations.
- Because data breaches are costly and affect not just operations but also brand reputation, information security is another top priority for IT executives. Key considerations for leaders to consider are: How robust are our information security measures? Is our organization in compliance with industry standards for security and privacy as well as applicable laws and regulations, and do we have efficient systems and processes for tracking compliance?
Survey respondents represented virtually all industry sectors, including financial services and insurance, manufacturing, healthcare, consumer products, energy, hospitality, retail, technology and utilities. More than half of the participants work for publicly traded companies; the others come from private, government and nonprofit organizations. Nearly two thirds of the survey respondents work for organizations with $1 billion or more in revenues, and the majority are located in North America.
To learn more or obtain a complimentary copy of the 2011 IT Capabilities and Needs Survey, visit: www.protiviti.com/ITsurvey <http://www.protiviti.com/ITsurvey> . Additionally, Protiviti is hosting a complimentary webinar about the study’s results on Oct. 25 at 11:00 a.m. PDT. To register, please visit: www.protiviti.com/webinars <http://www.protiviti.com/webinars> .