26 Jun 2008
Nearly two thirds of internal audit chiefs do not recognise data privacy and IT fraud as a serious threat to their business, according to a survey by consultancy Ernst & Young.
Corporate breaches and data protection regulation were ranked just sixth in audit chiefs' top 10 IT risks for an organisation, while for CIOs it came in at ninth.
Companies are not recognising the serious threat that breaches pose, according to Erol Mustafa, head of IT internal audit services at Ernst & Young.
"Heads of internal audit need to recognise the increased importance of data privacy," he said.
"There is a risk in assuming that data is protected effectively – in reality there are often vulnerabilities in business processes, information security, or the data management lifecycles."
The survey of 60 major businesses also found that 63 per cent of CIOs believed the use of third-party IT service providers would increase in the next 12 months.
Audit heads and CIOs were most concerned about the failure of major programmes and projects and business continuity issues.
The findings of this survey are interesting, especially as they seem to conflict with previous research, from the likes of Gartner and IDC, where security is positioned in the top three priorities.
It seems to me that the priority should not only be the protection of data, but also the correct use of, and the safeguarding against, the misuse of that data. One of the biggest challenges is inappropriate behaviour by employees because you have to give the employees access to both customer and company data to do their jobs, but that same data can represent significant business risk if used for criminal purposes. A top priority for CIOs should be the monitoring and analysis of employee behaviour if they want to ensure policies are being followed - or they could be the next company splashed across the headlines which ultimately will affect their bottom-line, something which I'm sure is at the top of their priorities
Posted by: Richard Kellett 07 Jul 2008
Have your say on this article
Newsletters
Latest stories from Privacy
Latest videos
You may also like
Privacy jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
