IT failures cost average of £410,000 - but half could easily be avoided, warns KPMG

Technology Risk Radar report warns that organisations are not properly managing risk associated with technology

An IT failure costs an organisation an average of £410,000 per incident, but half of the issues that bring businesses grinding to a halt could be classed as avoidable.

That is according to a new report, titled the Technology Risk Radar, released by professional services firm KPMG, which examined IT failures at organisations over a period of 12 months.

The report comes shortly after RBS was fined £56m for massive IT failures which caused major disruption to the company and its customers in 2012.

The research found that in addition to system downtime costing organisations an average of £410,000 in losses and repair costs, 776,000 people on average are affected by every IT failure.

KPMG also claims that about four million bank and credit cards are compromised each time an organisation has problems with its internal technology, as data becomes more vulnerable when systems are down.

According to the research, half of the issues which cause these IT failures can be classed as "avoidable," but are still causing problems because businesses aren't taking due care when managing their technology.

Coding errors were found to be the biggest cause of these avoidable problems, while human error accounted for seven per cent of all IT failures, suggesting basic investments in training are being ignored at the employers' cost.

"Technology is no longer a function within a business which operates largely in in isolation," said Jon Dowie, partner in KPMG's Technology Risk practice.

"It is at the heart of everything a company does and when it goes wrong, it affects an organisation's bottom line, its relationship with customers and its wider reputation."

Dowie warned that as organisations invest in new technology, investment in how to use it must be seen as vital, otherwise businesses are at risk from IT failures and data loss incidents due to mismanagement of tools.

"Investment in technology will continue to rise as businesses embrace digital and other opportunities, but this needs to be matched by investments in assessing, managing and monitoring the associated risks," Dowie continued.

"At a time when even our regulators have shown themselves to be vulnerable to technology risk, no one can afford to be complacent," he added, referring to an incident which saw the Information Commissioner's Office itself get hacked.

Dowie went on to warn that all organisations, be they public or private sector, must ensure that their IT systems are properly managed in order provide the maximum possible protection against costly system failures.

"With ever greater complexity in IT systems – not to mention the challenge of implementing IT transformational change – companies are running to stand still in managing their IT risks. The cost of failure is all too clear," he said.

"It is crucial for both public and private sector organisations to understand the risks associated with IT and how they can be managed, mitigated and avoided," Dowie concluded.

It isn't just IT system failures that are a threat to the enterprise; earlier this year, KPMG warned that companies are losing the battle against cyber crime.