IT management leadership role in risk management
Conclusion: In a world where organisations increasingly rely on the successful performance of their business systems it is important IT management takes the lead in managing the risk of systems failure and cyber security breaches from all sources.
Boards are ultimately responsible for monitoring risks. They direct IT (and business) management to create a framework and strategy to manage systems, including data, and cyber security risks. The framework must include policies, supported by processes and practices to ensure business systems operate successfully and the data stored is not compromised.