Managing risks related to information technology systems is often done separately from companies' overall risk management programs, according to a recent survey by risk management software provider OpenPages.
Forty-three percent of companies use spreadsheets to manage IT risk management, while 30% use point solutions and just 28% are using an integrated solution that tracks all their risks, including IT risks, according to OpenPages' survey of IT executives. And the job of handling IT risk management falls to the CIO at 40% of companies, to the chief risk officer or head of enterprise risk at 24%, and to other executives, including IT security or audit managers, at 27%, the survey shows.
Both spreadsheets and stand-alone solutions introduce inefficiencies, says John Kelly, OpenPages' director of marketing. More importantly, he says, "if you're really looking to get an enterprise view of your risk and compliance and how you're doing, many times you're missing that IT piece."
Recommended For You
But Kelly sees more integration occurring down the road, and notes that a separate survey that OpenPages conducted at a European meeting this fall found that 93% of companies expect to converge IT risk management with their overall governance, risk and compliance efforts in the next two to three years.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
