I recently ran across a survey by Accretive Solutions (formerly Horn Murdock Cole, Dickson Allan, BF Consultants, and CFO Service) discussing the results of an commissioned by Accretive Solutions and conducted by Survey Harris Interactive. The results aren’t necessarily surprising but are interesting.
Before we get to the results, for those that aren’t sure what Enterprise Risk Management (ERM) is, it is defined by Accretive Solutions as:
Enterprise Risk Management is an ongoing, company-wide process designed to identify, communicate, evaluate, analyze, address and monitor risks. It extends far beyond financial statements and accounting policies to include strategic, operational and compliance risks. A partial list of risks that fall under the purview of an effective ERM plan includes fraud, supply chain and business continuity plans, changes in the competitive landscape, IT security, changing compliance and regulatory requirements and personnel risks, including the potential for unethical behavior.
Some interesting results from the survey are (emphasis mine):
- Thirty-nine percent of respondents to this survey of Executive-level decision-makers at Fortune 1000 companies labeled IT Security as their number one worry over the coming twelve months
- Among IT Security threats, breaches via compromised wireless connections were chosen by 14 percent of respondents, while 12 percent chose hackers, and 10 percent chose stolen hardware.
- At the same time that IT topped the list of likely headaches, it was also the number one functional area where executives reported seeing a shortage of talent, far outpacing needs in accounting, finance and taxation.
Interesting results…especially the third one. Perhaps this is good news for good IT folks out there?