The 2009 IBM Global CIO Study (available at www.ibm.com) explored how chief information officers are successfully growing profits for their businesses during challenging times. IBM talked with more than 2,500 CIOs from over 75 countries and 15 industries to derive this assessment.

Interestingly, risk management & compliance featured highly in two specific areas:

1. Creating plans that enhance competitiveness

When asked to identify their visionary plans for enhancing their enterprises’ competitiveness, business intelligence and analytics was the top answer, selected by 83% of the sample. The next most popular answer about visionary plans was virtualization, cited by 76% of CIOs. The third area was risk management and compliance, highlighted by 71% of CIO’s. CIOs reiterated the importance of mitigating risk, and many described their organizations as risk-averse.

su53 conclusion: GRC is seen as one of the top 3 drivers for enhancing competitive advantage

2. Innovation

Today’s CIOs spend an impressive 55 percent of their time on activities that spur innovation. These activities include generating buy-in for innovative plans, implementing new technologies and managing non-technology business issues. The remaining 45 percent is spent on essential, more traditional CIO tasks related to managing the ongoing technology environment. This includes reducing IT costs, mitigating enterprise risks and leveraging automation to lower costs elsewhere in the business.

su53 conclusion: CIO’s spend the larger part of their time driving innovation, but managing the IT environment robs them of the time to do that – and mitigating enterprise risks is seen as one of the top 3 time stealers.

su53 is seeing a rapid increase in companies looking to outsource their security & compliance – and not to the major audit firms and SI’s, but to independent specialists who can act client side to monitor the CIO’s service providers as well as the enterprise.