In an effort to debunk the myths around IT risk management Symantec Corp staged the India launch of its IT Risk Management Report Volume II on February 5, 2008. The report says that despite an increasing number of practitioners embracing a more balanced approach that encompasses security, availability, compliance and performance risks; misunderstandings of IT risk management can lead to potential IT system failures and ultimately impact business continuity. It also indicates that process issues cause 53 percent of IT incidents, while IT often underestimates the frequency of data loss incidents.

"Now in its second year, the IT Risk Management Report provides IT professionals and C-level executives with unparalleled insight into the discipline of IT risk management—ranging from understanding what’s working and what’s not to providing actionable guidance and best practices for effective program execution," Anil Chakravarthy, VP Worldwide – Enterprise Services, Symantec Corporation. "Better understanding of the practice of IT risk management empowers organizations to take calculated risks with confidence and use IT to drive competitive advantage.

The report, driven by the analysis of about 400 surveys of IT professionals worldwide, identifies the following key myths commonly associated with IT risk include:

The myth that IT risk management is focused only on IT security;
The myth that IT risk management is project driven;
The myth that technology alone can manage IT risk;
The myth that IT risk management has already become a formal discipline.

Shedding light on the state of IT risk management within different industry verticals, it highlights that the healthcare industry can participants expected the most IT incidents of any industry sector given the complexity and highly personal nature of healthcare services.

Telecommunications ranked highest in deploying IT risk management controls, followed closely by banking and financial services.