I watched the Congressional clash of ideology and pragmatism play itself out in the US stockmarkets yesterday and through Asia overnight. While I’m not entirely clear on the point of a vote that avoids spending $700 bn but triggers a $1 Trillion stockmarket slide, I am clear that the financial disaster will negatively impact the real economy. Even though this month’s Fortune magazine argued that, in the real (US) economy, there was no evidence of a recession, I can’t see how a combination of restricted credit, devalued assets, deleveraged businesses, increased unemployment, and reduced output can translate into anything other than a downturn.
While I largely agree with the analysis in this blog: Impact of the Economic Crisis on Security, I do think that Boards and IT management teams have it within their power to avoid the traditional knee-jerk response to a crisis, which is usually to cut investment, cut training, and cut corners. The key strategic fact is that IT is now fundamental to both survival and success – and, in a tougher economic climate, those organisations that more effectlvely leverage their information and IT investment are likely to be those organisations that are still standing at the end of the shake out. Of course, I’m only talking here about those organisations that have a living, breathing enterprise risk management framework – as we’ve seen, those who substitute hope for objective risk management get to go bust.
Put another way, effective IT governance will, in many instances, be the difference between success and failure.