Technology risk radar

Recommendations

Info

7 Industries affected Financial Services Consumer, Markets and Retail Healthcare and Pharma Energy, Natural Resources and Utilities Industrial Manufacturing Technology, Media and Telecom Government Education The top two industries affected were the same as last year, although their positions have changed: Technology, Media and Telecommunication, and Government, in order. • Technology now has the dubious privilege of being the industry most affected by IT incidents, according to our research. The growing shift to a digitally connected world with the pervasiveness of the Internet of Things (IoT), social media and digital labour, and the ubiquity of devices suggest that this industry will keep this top spot for some time. 12.1% 5.3% 9.8% 1.5% 15.1% 25.0% 22.8% 8.4% • Government comes in at number two. We believe that the government sector has this high ranking due to the public nature of its operations, increasing third party risk and ineffective project management. • The financial services industry has moved from the fourth most affected industry to the seventh among the ten industries surveyed. This may be attributed to the heavy regulatory environment within which FS organisations have built risk management capabilities that have arguably matured over the years. Interestingly the Fintech sector, which is a hybrid of Technology, media & telecoms – the most affected industry, and FS, is expected to face similar regulatory scrutiny. What is also interesting is that specific types of incidents are affecting some industries more than others. For example: • Industrial manufacturing had a higher proportion of availability related incidents than any other industry. Availability also appeared to be significant problem in the financial services industry with 40 percent of incidents related to availability. • Quality issues continue to be a problem in the Government sector with almost 17 percent of incidents related to quality. © 2016 KPMG International Cooperative (“KPMG International”). KPMG International provides no client services and is a Swiss entity with which the independent member firms of the KPMG network are affiliated.
8 Sectors at a glance TOP 10 RISKS IDENTIFIED FOR EACH SECTOR HIGHEST RISK 10 9 8 7 6 5 4 3 2 1 LOWEST RISK Risk impact and probability in descending order PER SECTOR Poor risk management alignment across organisation and process Dependence on inflexible and undersupported legacy systems Poor cyber security, cyber-crime and unauthorised access Non-compliance with regulation and legislation, e.g. privacy Lack of IT strategy and lack of board representation Inadequate data quality and lack of capability to leverage data to manage risk Inability to deploy and exploit emerging technology Failure to deliver programmes and to build in control, resilience and security Reliance on, and poor security and control in, vendors/third parties Ineffective service management and delivery 1 2 3 4 5 6 7 8 9 10 Banking Insurance Investment Management and Funds Consumer Markets and Retail Technology, Media and Telecommunications Healthcare and Pharmaceutical Energy and natural resources Industrial manufacturing Central Government Education (Universities) Overall avg score (the lower the score the more critical across industries) 6 4 9 6 4 4 6 9 9 1 5.8 4 6 4 6 6 4 4 6 9 6 5.5 3 4 4 4 4 6 6 6 4 9 5.0 4 3 4 6 4 9 4 2 6 6 4.8 6 6 6 4 2 2 6 2 4 9 4.7 4 2 9 2 9 6 2 2 4 1 4.1 6 9 1 9 4 1 2 2 2 4 4.0 3 4 2 2 2 6 6 4 9 2 4.0 9 3 6 6 2 2 3 1 6 1 3.9 6 2 6 4 2 2 2 2 2 1 2.9 Ineffective IT asset management 11 2 2 2 2 3 3 2 3 3 4 2.6 Inadequate resilience and disaster recovery capability 12 3 2 2 2 2 2 2 4 2 2 2.3 © 2016 KPMG International Cooperative (“KPMG International”). KPMG International provides no client services and is a Swiss entity with which the independent member firms of the KPMG network are affiliated.
Page 1 and 2: Technology risk radar Third edition
Page 3 and 4: 2 Introduction What are the current
Page 5 and 6: 4 What happened? IT infrastructure
Page 7: 6 What were the causes? We found th
Page 11 and 12: 10 Banking Michael Elysee David DiC
Page 13 and 14: 12 Insurance Jill Farrington Jon Do
Page 15 and 16: 14 Investment management and funds
Page 17 and 18: 16 Consumer markets and retail Andr
Page 19 and 20: 18 Technology, media & telecoms Ann
Page 21 and 22: 20 Healthcare and pharmaceuticals J
Page 23 and 24: 22 Energy and natural resources Nat
Page 25 and 26: 24 Industrial manufacturing Marceli
Page 27 and 28: 26 Central government Andy North Ge
Page 29 and 30: 28 Education Richard Archer Hannah
Page 31 and 32: 30 Our Data Analytics Methodology
Page 33 and 34: 32 Contact us © 2016 KPMG LLP, a U
Page 35: 34 kpmg.com/uk The information cont

Technology risk radar

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?