Managing Spend on Information Security and Audit for Better Results
Source: IT Policy Compliance Group
Every activity has some risk associated with it, including the use of IT. However, the principal business and financial risks from the use of IT differ by size of company. Appropriately managing the principal business risks and reducing overspending depend on specific organizational practices, that if not implemented will result in higher costs, larger financial exposure and more frequent loss. The benchmarks conducted by the IT Policy Compliance Group show almost all organizations have financial incentives easily exceeding 100 percent to make improvements to reduce financial risk from data loss, downtime and regulatory audit.