According to ISACA 40% of Global Executives Block Move to the Cloud
January 2011 by ISACA
Forty percent of C-level executives have stated that they are not planning to adopt cloud computing, according to the fourth Global Status Report on the Governance of Enterprise IT (GEIT, conducted by the nonprofit, IT Governance Institute (ITGI), ISACA’s research affiliate. Respondents who do not plan to use cloud computing at all in the near future list security (47%) and privacy concerns (50%), followed closely by legacy infrastructure investments (35%), as barriers to adoption. The 2011 study polled 834 executives from 21 countries, divided almost evenly between business executives (CEOs, CFOs and COOs) and IT executives (CIOs and heads of IT). Of the executives who use or plan to use cloud computing for IT services 60 percent was non-mission critical and 40 percent would also trust the cloud for mission-critical IT services. Organizations are also actively employing outsourcing, with 93 percent fully or partially outsourcing some of their IT activities.
“Emerging technologies such as cloud computing and outsourcing can be managed effectively by integrating good governance over IT. Organizations need to adopt new service delivery models to stay competitive, and this is fueling a strong commitment to enterprise IT governance across the C-suite,” said Ken Vander Wal international vice president. “Assessing the value of current investments, building consensus among stakeholders and mitigating risk with third-party providers all require a comprehensive governance framework for organizations to be sure they are doing the right things and doing things right.”
The ITGI study and three past editions are available as free downloads from www.isaca.org/ITGI-Global-Survey-Results. The study analyzes the degree to which the concept of GEIT is accepted by the C-suite and determines GEIT maturity levels, recognized frameworks, required/preferred certifications, and impact of current special-interest, GEIT-related topics.
Of the C-level executives surveyed, 95 percent consider governance of enterprise IT important. This reveals an almost universally shared perception of IT as a critical contributor to overall business strategy, no matter where the organization is on the path of GEIT maturity.
Key findings include:
· Value creation of IT investments is one of the most important dimensions of IT’s contribution to the business (mentioned by more than nine out of 10 respondents). But challenges exist: increasing IT costs and an insufficient number of IT staff are the most common IT-related issues experienced by respondents in the past 12 months.
· There is a correlation between the position of the head of IT in the enterprise’s hierarchy and the pro-active nature of the IT department. Overall, 70 percent of respondents noted that the head of IT is a member of the senior management team, but this figure increases to 80 percent for those enterprises where IT has a proactive role.
· Governance of enterprise IT (GEIT) is a priority with most enterprises—only five percent indicated that they do not consider it important. Two-thirds of respondent enterprises have some GEIT activities in place, the most common being the use of IT policies and standards, followed by the employment of defined and managed IT processes. The main driver for activities related to GEIT is ensuring that IT functionality aligns with business needs, and the most commonly experienced outcomes are improvements in management of IT-related risk and communication and relationships between business and IT.
· Outsourcing is highly prevalent across the board, but especially in larger enterprises and those where IT is considered important or very important to the delivery of the business strategy or vision.
· Sixty percent of respondents use or are planning to use cloud computing for non-mission-critical IT services, and more than 40 percent use or are planning to use it for mission-critical IT services. For companies that do not have plans to use cloud computing the main reasons are data privacy and security concerns.
· The global economic downturn has had an effect on IT activities, the primary response initiatives being: (1) a reduction in contractor staff, (2) a reduction in permanent staff and (3) a consolidation of the infrastructure.
· The use of Facebook or Twitter at work is not highly prized; only one out of five respondents believes that the benefits of employees using social networking outweigh the risks.
More information about these topics will be presented at ISACA’s EuroCACS 2011, to be held on 20-23 March in Manchester. ISACA’s EuroCACS is the hot-topic event for IT audit/assurance, security, control and governance professionals in the region, covering issues such as: governance concerns for ERP, how to make IT audit more relevant, wireless network security, cloud computing, and security concerns for service-oriented architecture. Additional information is available at www.isaca.org/EuroCACS.
“The overwhelming consensus about the importance of IT governance is encouraging. As 2011 IT initiatives get underway against an economic backdrop that continues to be volatile, the ability to balance and manage value creation, risk management and optimization of resources will be critical,” said Roger Southgate, Past President ISACA London and Independent Governance and Risk Consultant.
This year’s study shows that top tactics used to battle the economic downturn were a reduction in contractor and permanent staff numbers and infrastructure consolidation. According to the Global Status Report on GEIT, GEIT processes can ensure that this focus is balanced with a view on investments that can generate cost savings and ultimately become self-funding.
Successfully implementing GEIT depends on effective change management, communication, scoping and identification of achievable objectives. The outcomes encompass shorter-term benefits such as reduced cost and longer-term benefits such as enhanced management of IT-related risk, improved relationships between business and IT, and increased business competitiveness. The top outcomes cited in this year’s study are improved management of IT-related risk (mentioned by 42 percent of respondents) and better communication and relationships between business and IT (37percent).
For additional information, visit www.isaca.org/ITGI-Global-Survey-Results.
About the IT Governance Institute
The IT Governance Institute® (ITGI®) (www.itgi.org) is a nonprofit, independent research entity that provides guidance for the global business community on issues related to the enterprise governance of IT assets. ITGI was established by the nonprofit membership association ISACA (www.isaca.org) in 1998.