Security Slideshow: ISACA Security Study: Compliance, Governance, Risk Are Top Concerns

By Don Reisinger  |  Posted 04-26-2011

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns

ComplianceRegulatory compliance is No. 1 most important business issue in the next 12 to 18 months for respondents. The issue earned a weighted score of 4.62 out of 5.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 2

Governance"Enterprise-based IT management and IT governance" comes in a close No. 2 in importance, with a score of 4.39 out of 5.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 2

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 3

Security managementInformation security management is No. 3, scoring 4.08 out of 5.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 3

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 4

Two top compliance concerns (percent respondents) Compliance process management (86 percent)Segregation of duties and privileged access monitoring (85 percent)

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 4

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 5

No. 1 IT governance concern (percent respondents)IT project risk (85 percent)

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 5

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 6

Ignorance is not blissMore than eight in 10 respondents (83.6 percent) say that not knowing about, or having little knowledge of, "information security risks" is an important issue they expect to face in the next 12 to 18 months.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 6

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 7

Lack of controlsNearly 83 percent of respondents expect to face the issue of information security controls that are not being "regularly measured, monitored, or improved" in the next 12 to 18 months.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 7

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 8

Disaster LeadershipNearly 87 percent of respondents say that, in the event of a disaster, they are concerned that their company's executives and managers won't know what to do to keep business running.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 8

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 9

Keeping upOver 86 percent of respondents say that avoiding a "lack of awareness" about IT risk will be their most important job in the next 12 to 18 months.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 9

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 10

Vulnerability management Respondents identify "intrusion detection and prevention" as the most important factor when considering vulnerability management in their operations.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 10

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 11

ForensicsForensic IT is viewed as important by some two-thirds of respondents.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 11

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 12

Virus managementOver 80 percent of respondents say that they will make "virus management" an important element in their jobs in the next 12 to 18 months.

ISACA Security Study: Compliance, Governance, Risk Are Top Concerns - Page 12