Security management tops IT strategy league

Information security management will be the most important initiative affecting IT strategy, investment and implementation in business organisations over the next 12 to 18 months.

The American Institute of Certified Public Accountants (AICPA) said that IT governance moved up the list from sixth to second place this year, reflecting the market's renewed emphasis on corporate governance and responsibility.

"We believe this year's list reflects our environment, with the top four technology initiatives relating to strategies that safeguard an organisation's assets and ensure its well being," said Barry Melancon, president and chief executive of the AICPA.

The AICPA poll was conducted in late 2007 with the Information Systems Audit and Control Association, the Institute of Internal Auditors and the Information Technology Alliance.

Respondents identified the top 10 most important technology initiatives for 2008 as follows:

1. Information security management

2. IT governance

3. Business continuity management and disaster recovery planning

4. Privacy management

5. Business process improvement, workflow and process exceptions alerts

6. Identity and access management

7. Conforming to assurance and compliance standards

8. Business intelligence

9. Mobile and remote computing

10. Document, forms, content and knowledge management

"Recent studies show that investors are willing to pay a premium of up to 20 per cent for shares of enterprises with reputations for good IT governance practices. Properly governed IT is critical to an organisation's success," said Lynn Lawton, international president of ISACA.

Mobile and remote computing was also cited as a priority. "Organisations are realising substantial gains in efficiency and worker productivity through the extended office hours and increased flexibility that mobile and remote computing solutions bring," said Ron Eagle, president of the Information Technology Alliance.