Industry news

Many firms' risk assessments not working, says analyst

Risk management is not working in many organisations, one industry expert has said.

Gartner has revealed that many firms are developing ineffective risk practices due to a narrow "siloed" approach to risk assessment.

Paul Proctor, vice-president and distinguished analyst at the firm, said: "The increased visibility of risk management in many enterprises has resulted in inconsistencies in the use and application of the term."

The analyst has identified seven key steps to enable IT managers to understand and manage the risks they face, allowing them to contribute to an enterprise-level risk management effort as businesses evolve.

Among the steps is the implementation of frameworks for risk assessment and mapping; the establishment of clear responsibilities for risk managers; and the creation of levels of control for processes appropriate with the perceived threat.

Last week the analyst claimed the information and communications technology industry will become a "borderless state" by 2015.