12. October 2009 · Comments Off on IBM CIO study ranks Risk Management and Compliance #3 of 10 CIO visionary plans · Categories: IT Security 2.0, Risk Management · Tags: , , ,

On September 10th, IBM released the results of a global study (registration required) they conducted of 2,500 CIO's from around the world. Of the ten top "visionary plans," these CIO's ranked Risk Management and Compliance third. Business Intelligence and Analytics was first followed by Virtualization. Also, I found it significant that Customer and Partner Collaboration came in fourth.

Unfortunately, the report did not divulge details of the methodology used beyond saying that over 2,500 CIO's were interviewed. If one grants that IBM is an able marketing organization, it genuinely wants to understand the priorities of CIO's so it can respond with the right services to increase its revenue. Therefore these priorities do represent what CIOs are thinking.

A more cynical opinion would be that this study is simply a marketing tool of IBM Global Services. In this case, IBM Global Services is advising CIOs that Risk Management and Compliance should be their third highest priority. Either way, this report highlights the importance of Risk Management and Compliance.

Looking at the study as a whole, it correlates the use of information technology to drive innovation with higher corporate profits. (Reminder – correlation and causation are not the same thing.)  In addition, information technology creates new risks which must be understood and mitigated.

Perhaps I am writing this because it supports my previously stated position that risk management enables innovation, e.g. Web 2.0 creates new risks which if not mitigated completely outweigh the value.