Will “Responsibility Demands” Over IT Breakdowns Extend To SMEs?

The Financial Services Authority has written to Britain’s largest banks demanding that CEOs name senior managers who will be personally responsible for any future IT meltdowns, such as the one experienced by RBS earlier this year.

Could the same constraints be extended to other businesses and who would regulate such requirements? We all understand the FSA’s desire to hold the people who make the decisions responsible for IT fowl ups but the simple facts are that the boards of banks decide who much data risk they are prepared to accept and what their budgets are for preventing them.

IT managers – no matter how senior – are working within the boards constraints, and board members are unlikely to be IT engineers.

What I find worrying, is that this sort of demand can be made of any business with so little supporting guidance. Could this sort of IT compliance spread to smaller businesses with smaller budgets like SMEs? What are the standards that would be expected? How much will it cost?

Chairman of Parliament’s Treasury select committee said: “Every bank should be checking its IT systems. We need to have confidence that such a failure cannot happen again.”

We all want to avoid IT failures but its of no use to have regulatory bodies throughout business sending out ad-hoch letters demanding managers names who can be held responsible. The current IT market is a shambles with no compliance between providers or services. To make such demands of the IT sector would require government legislation and measurable parameters.

Gary David Smith is co-founder of Prism Total IT Solutions.