Only 10% plan to use cloud computing for IT services
Nearly half of US IT professionals say that the risks of cloud computing outweigh the benefits, according to the 2010 ISACA IT Risk/Reward Barometer survey.
The survey of 1,809 US IT professionals who are members of ISACA found that they see risks in entrusting information to the cloud. The ISACA IT Risk/Reward Barometer found that only 10% of respondents’ organisations plan to use cloud computing for IT services, while 26% do not plan to use it for any IT services.
More than three-quarters of those surveyed believe that projects should offer the same or lower levels of risk in 2010, despite economic uncertainty and the potential to drive greater rewards. Similarly, 79 % will invest the same amount or only slightly more in risk management and compliance in 2010.
According to IT professionals who have been surveyed, only 22 % of organisations are very effective at integrating IT risk management with their overall business risk management. The most common reason for practicing IT risk management was regulatory compliance (28%) versus business drivers such as improving the balance of risk taking with risk avoidance to improve return (8%).
Top three high-risk employee behaviours include, not protecting confidential work data appropriately (50 %), not fully understanding IT policies (33 %) and using non-approved software or online services for their work (32 %), according to the survey.
Brian Barnier, member of the team that developed ISACA’s new Risk IT: Based on COBIT and principal at ValueBridge Advisors, said: “On the performance side, about 16 % see cost management as a driver for risk management; 9 % see business change as the most important driver; and 8 % choose improving risk-return balance.
“From the CXO or board perspective, the main driver should be balancing risk vs. return to drive profitable growth. As the one-third of IT professionals who are more business-focused already seem to know, robust risk management is a powerful tool to create that value.”