'

Day-to-day IT strategy remains top priority

Forget talk of brave new IT initiatives. The main focus for 90 percent of businesses is ensuring the basic infrastructure keeps going

When asked, most IT managers will say what most interests them are issues like SOA/> or grid computing, but new research suggests that they are most concerned by more mundane issues, with risk avoidance at the top of the list.

The research, conducted by analysts Freeform Dynamics on behalf of CA, showed the loss of critical business information and operational downtime as a result of system failure topped the list of IT concerns for businesses in Europe.

Some 90 percent of businesses said they explicitly considered these issues when planning and 60 percent rated them as major concerns.

John Collins, of consultants Macehiter Ward-Dutton, who advised on the survey, said attitudes were changing within IT and that while companies were increasingly risk-averse, their attitudes to risk were also changing.

"IT security and risk management was always seen as an end in itself," Collins said. "The systems have been led by what's been sold, rather than what risks are out there."

This meant that companies had not been thinking about what they are purchasing, Collins said. "The security breach is easy to understand and seems more important than the day-to-day security. It it's easy to justify the antivirus software but that only fixes part of the problem. It is more difficult to get organisations to understand what is needed for a complete security solution."

Collins said that the survey, which involved 705 IT professionals in Europe and the Middle East including 100 from the UK, did underline how much attitudes were changing. "CA wanted to put in a question that asked if companies employed a chief risk officer but I thought it was a waste of time because nobody would have one," said Collins. "But then we thought, 'Why not?' and put the question in and found that 36 percent have one. That rises to 48 percent in financial services."

The survey showed that over 60 percent of respondents said that risk was now considered "broadly" across their business, which was a significant change, Collins said.

While no longer at the forefront of users worries, the illicit use of confidential information is still a major risk consideration, with 88 percent considering it during planning and 58 percent of respondents highlighting it as a major concern.

Legal and regulatory compliance and the need for traceability came a close third, with over 80 percent of businesses saying that it is a consideration in their planning.