Sunday, 8 June 2008

The biggest issues with Audit, Security IT etc...

The biggest issue in both Audit and IT is a lack of strategic thought.

As one of many examples, there are plans in the SEC (and the equivalent in AU and others will follow) to make continuous audit mandatory. This is a combination of financial systems and IT. Security comes on board as these systems will “report live”. That is, changes in the company financial position will be available to analysts live. In fact, these provisions are in CLERP 9 in Au now and may become mandatory before the SEC does this.

When, 2015. This is where it all comes falling down. Being 7 years away, most people do not care. The issue here is that building these systems to the required levels will take 5-6 years to implement correctly. This means a year or two to start planning now and a 5 year project. This is what strategic thinking is all about.

What we see most in IT (even commonly at the CISO, CIO etc levels) remains for the most part tactical thought. What can go wrong tomorrow… today…

Without forward planning, we just go from disaster to disaster…

No comments: