Many IT Risk Management Projects Go Unfunded

May 14, 2009

Seventeen percent of companies say it’s only a matter of time before an internal breach occurs

While many companies pay lip service to the concept of risk management, nearly one-third are not devoting any budget to these programs and almost one-quarter have no risk management initiative at all, a new study says.

According to a report published this week by security and compliance vendor Sailpoint, 77 percent of companies surveyed have a risk management function within their IT organizations. However, nearly 30 percent of those companies don’t allocate budget to that function.

“That means nearly 50 percent of the affected companies either do not have, or underfund, their IT risk management activities,” Sailpoint says.

In addition, only 43 percent of respondents said they could present a complete record of user access privileges for each employee in a single day. Forty-two percent said they do not have the ability to immediately remove all access privileges for terminated employees in the event of a large layoff.

Continue reading …

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: