TMCnet News

New Survey of Security Assurance Professionals Finds That 65% of Global Tech Companies Still Manage IT Risks in An Ad-hoc, Reactive Manner
[February 11, 2021]

New Survey of Security Assurance Professionals Finds That 65% of Global Tech Companies Still Manage IT Risks in An Ad-hoc, Reactive Manner

BELLEVUE, Wa., Feb. 11, 2021 /PRNewswire/ -- Hyperproof -- a compliance operations software company --has just released its 2021 IT Compliance Benchmark Report, a survey report containing comprehensive benchmarks on how tech companies are managing IT risks and IT compliance efforts during the pandemic, remote-work environment. The responses come from 1,029 professionals in the tech sector in Dec. 2020. All hold responsibilities for security assurance, information security, IT audits or IT risk management within their organizations.

Survey of security assurance professionals finds that 65% of tech companies manage IT Risks in a reactive manner

The results reveal that when it comes to managing IT risks, most organizations understand what "good" looks like in theory. Yet struggles to operationalize important risk management activities are pervasive. For instance, 65% of all respondents said they currently IT risks in an ad-hoc way, with siloed teams, processes, and multiple, disconnected tools. When it comes to managing IT risks and compliance efforts on a day-to-day basis, one in two respondents said they spend 50% or more of their total time at work on low-level, administratve tasks.

When organizations use multiple, disparate tools throughout their risk management process, collecting critical risk and compliance information is both tedious and difficult. Half of all survey respondents admitted that they have a limited understanding of how well existing risks are managed and limited ability to detect control failures that can lead to undesired risk exposure.  In fact, 61% of all surveyed organizations have experienced a compliance violation -- such as a data breach or a violation of a privacy law -- in the past three years.

However, the research team found that not all organizations suffered equally from security incidents and compliance violations. Organizations that chose to take an integrated approach to IT risk management and made efforts to align their risk and compliance activities are much better at avoiding data breaches and privacy violations than organizations that believe the compliance function's purpose is to enforce rules and conduct risk and compliance activities in silos. While 61% of survey respondents overall reported their organization has experienced a compliance violation in the last three years, only 40% of those who take an integrated view of risk management and compliance activities experienced a compliance violation. On the other hand, 71% of all respondents who view the compliance function as the enforcer of rules have experienced a compliance violation in the past 3 years.

To see additional findings from Hyperproof's 2021 IT Compliance Benchmark Report, please visit

About Hyperproof: Hyperproof has built innovative compliance operations software that helps organizations gain the visibility, efficiency, and consistency IT compliance teams need to stay on top of all of their security assurance and compliance work. With Hyperproof, organizations have a single platform for managing daily compliance operations; they can plan their work, make key tasks visible, get work done efficiently, and track progress in real-time. Hyperproof is used by fast-growing companies in technology and business and professional services, including Netflix, UIPath, Figma, Nutanix, Qorus, Glance Networks, Prime8 Consulting, and others. For more information about Hyperproof and their products, visit or follow Hyperproof on LinkedIn.

Media Contact:
Jingcong Zhao
Director of Content Marketing, Hyperproof 

Cision View original content to download multimedia:

SOURCE Hyperproof

[ Back To's Homepage ]