A report from analyst firm Aberdeen Group warns that regulatory mandates and corporate policies are shifting technology buying decisions from IT to business executives.
The research claims that most organisations are not seeing financial benefits from risk management programmes because they fail to focus on merging compliance with risk management.
"The adoption and measurement of a risk management strategy is not easy because the concept of risk has changed with a shift in priorities," said Mounil Patel, research director for security solutions and services at Aberdeen Group.
"More often, organisations do not recognise the importance of closing the cultural gap between business executives and IT executives."
The report found that "best in class" companies worked on the basis that the top risk management challenge is aligning and standardising procedures and systems across their organisations.
The most successful firms place the responsibility for risk management with their chief financial officers and use frameworks and other tools to emphasise risk in operations.
They also tend to adopt and centralise risk management policies with decentralised execution, according to the report.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
