IT failures are a leading threat to businesses worldwide, and British companies are particularly ill-prepared at handling them. That's according to a survey from Mercury Interactive Corporation, which found that a third of UK companies were handling IT risks in an uncoordinated fashion.

That compares badly to companies in other parts of the world. For example, in the Asia Pacific region, 83 percent of companies said IT risks were being well managed while 71 percent of companies in the US said the same.

The report looked at major sources of IT risks to companies and how they were being tackled in 22 countries across the globe.

Mark Sarbiewski, senior director for product marketing at Mercury, said that IT failure was expected to an extent, "but if the failure rates were high in any other part of a business, it wouldn’t survive and the alarm bells would go off." Businesses, along with their partners and various systems and services, are more and more dependent on IT these days, he said.

"The risks coming from IT affect the overall business results, loss of revenue and customers…. An IT failure at an airline company for example, can cause the airline reservations to go down. The same for a company like eBay," said Sarbiewski.

Security initiatives adopted by a company, which caused companies embarrassing losses if they failed to protect data, topped the IT risk list with 36 percent.

Sarbiewski explained that "most companies these days were taking a handful of monolithic applications like Siebel and SAP and replacing them with hundreds of smaller applications." This was bringing in a fundamental change in IT but the kind of reliability they offered was questionable, he added. “The second-highest source of IT risk to businesses therefore – with 29 percent – was the new type of service-oriented architecture that had flexibility and promise, and a lot of challenges."

The third highest source of IT risk to businesses was outsourcing, at 28 percent, said the report. With employers having little or no control over operations abroad, Sarbiewski said outsourcing offered mixed results of rewards and losses to employers.

The 1100 IT executives, who participated in the survey, also identified supply chain and logistics management, and customer service as two functions most vulnerable to business due to IT risks.

Other key findings from the report were:

  • The business outcomes most dependent on IT were: the ability to reduce cost of operations (80 percent), ensuring regulatory compliance (66 percent) and the ability to merge (58 percent).
  • 55 percent believed that less than half of their IT initiatives in the past two years had not delivered the expected business outcome.

The survey revealed that companies these days are setting up centralised project and program management offices to cater to complex projects. Also, unlike the past where companies only checked if their data and networks were running, and failed to deliver the final end-service, businesses are now focussing on specific service-level management issues, and formalising change and management practices in the office. An online banking business for example, would focus on order processing and inventories, explained Sarbiewski.

"Escalating IT change and complexity are conspiring to create a new epidemic of Business Risk,” said James Stevenson, vice president and managing director at Mercury UK, Middle East and Africa. "The antidote is clear. First, understand the blind spots in IT that are driving the most risk into the business and then establish the right mix of process and automation to get control over change and drive predictable business outcomes."