ISACA Now Blog

Knowledge & Insights > ISACA Now > Posts > Why IT Teams Should Avoid Complacency

Why IT Teams Should Avoid Complacency

Ammett Williams, CGEIT, CISSP Telecommunication Team Leader – First Citizens
| Posted at 3:20 PM by ISACA News | Category: COBIT-Governance of Enterprise IT | Permalink | Email this Post | Comments (0)

Ammett WilliamsWe are in 2019, and have all witnessed the effects of disruptive start-up companies, the growth and stability of the cloud market, the emergence of CI/CD practices and the simple need for agility. Inversely, there are organizations where none of what I mentioned is happening.

There are times when companies become good at what they do, and they become comfortable. With that comfort comes something that leaders and employee may choose to ignore. What is that? Well, to put it mildly, that thing would be the need for change. A provocative question to yourself would be: If I am doing my job properly and getting good results, do I need to change? Some may argue, “No,” and some may argue, “Yes.” From an IT point of view, the question becomes even more complex. This is especially the case when IT has taken on a supportive operational role within an organization, and by doing so, becomes expert at what they do, but finds that innovation is lost and resistance to change grows larger.

Enter the competitive threats. While your business was doing things right, the disruptor (which can be an existing competitor) was building solutions to solve customer issues, creating new products and services, and defining new ways of doing business to go to market. The result can be dramatic; your business suddenly gets a nudge, you have questions being asked by stakeholders, who all want to know:

  1. How does this impact us?
  2. What is next on our plate?
  3. What are we going to do now?
  4. Are we agile enough to deliver a solution in a short space of time?

At this point, all eyes turn to one of the major business enablers – none other than the IT department. Suddenly, IT goes from doing things right to not being agile enough to support strategy and innovation.

The need for agility in a rapid, flexible, durable and secure manner can best be delivered by cloud services. Layers of bureaucratic decision, hours of provisioning and other complexities can be addressed with IaaS, PaaS and SaaS solutions, which support CI/CD pipelines. From a security point of view, a lot of effort is put into cloud security, with the provider getting its platform certified by world-recognized standards such as 27001, PCI-DSS, and HIPAA.

What that means for businesses is that, combined with the shared security model of the cloud, they will be able to securely and effectively safeguard data while meeting regulatory compliance and internal enterprise security requirements. Enterprise Architect and GEIT are the solutions that can be introduced or remodeled within your enterprise to create both systems and processes to deal with this type of scenario.


There are no comments yet for this post.
You must be logged in and a member to post a comment to this blog.