The Combined Code of Corporate Governance places surviving an IT disaster firmly on the corporate agenda. One of the key points of the Combined Code is that the board is responsible for reviewing the effectiveness of risk management systems, at least annually, and reporting to shareholders that they are in place.
4-consulting director, Sandy Pratt, takes a look at the processes involved in completing an effective IT risk audit and developing a recovery plan, a task which becomes increasingly more complicated in a constantly changing environment.