Johannesburg, 10 Feb 2004
Information and communications technology (ICT) has entrenched itself as a business enabler - driving business decisions and even opening up new markets.
As ICT becomes more strategic, so organisations are increasingly demanding higher levels of business professionalism from their IT partners. A lack of "expected" levels in managing IT professionally can lead to a credibility gap.
Essentially, if the expected value is not delivered, many businesses resort to making IT decisions based on perception and emotion, rather than turning to their IT partners.
The reality is that IT professionalism in SA is still in its infancy. If we use criteria such as commonly accepted knowledge, formal recognition by fellow professionals and a code of ethics, we indeed realise that it still needs to mature a lot before the desired levels of professionalism are reached.
Once IT has matured and evolved to a more stable profession, then we will be able to effectively align business expectations and IT performance.
Looking at financial institutions, the extensive use of technology in order to deliver services in this industry does not come without its fair share of responsibilities.
As we design new applications, infrastructure needs to be managed, data needs to be stored and information secured.
More importantly, customers need to be protected against the risk involved in using these technologies. Basel II asks a compelling question: are financial institutions managing technology risk?
My feeling is that the rapid expansion and use of technology, coupled with inadequate understanding of the scope of technology impact and responsibility, are resulting in some heated exchanges between institutions and regulators.
Contributing to this is the current state of information security. Again, due to a lack of understanding, business lines are IT-enabled without adequately protecting the end-user or the institution itself.
If it is up to security to fight the ROI (return on investment) battles, why is this element of IT also being neglected? Only recently - due to a well-publicised banking fraud incident - have we seen some change.
The bottom line is if security is neglected, what else is not being done? Again this is also a clear demonstration of the dire state of technology management and IT understanding today.
Hence, new regulations based on guidelines from Basel II and the King II report have been introduced to re-evaluate executive management, reflecting on a more definite understanding of the new IT fabric that businesses are basing their strategic decisions.
Hopefully this will improve overall risk management, and stimulate effective technology decision-making.
Finally, value management does not come naturally to technical people. The introduction of business people in the technology field will improve professionalism and better manage perception vs reality.
Share