With the exception of a small number of enlightened boards, most businesses assume that, because information technology is the functional responsibility of the IT department, IT is strategically accountable for it as well. Of course, this means that IT is also responsible for information security, protecting the reputation of the organisation from breaches to confidentiality, availability and integrity of its information, as well as from organised crime and terrorists – is this fair on the IT team, or is it the board ducking a critical corporate governance responsibility?
“Leave it to IT”?
December 9, 2004
About The Author
Alan Calder
Alan Calder is an acknowledged international cyber security expert and a leading author on information security and IT governance issues. He is also the CEO of GRC International Group PLC