CIOs and lawyers 'must speak the same language'

IT chiefs and lawyers must learn to speak the same language if they are to work together to help organisations avoid risk.

And although responsibility for IT risk management - the careful balancing act of businesses benefit against liability - must not begin and end with the IT department, it is important to run any policies past the techies, according to IT execs speaking at the Gartner IT Security Summit 2007 this week.

David Lodge, global head of IT risk control at UBS, said it is vital the IT crowd is consulted, agrees with and has ownership of any policies that directly affect them - and technical teams must make the effort to try and communicate with legal eagles in a language other than "IT speak".

Lodge said: "I would like to have a legal team which will tell the IT department what we need to be doing.

"But lawyers being lawyers, it is very difficult to work with them to understand what we want [and] if they could talk to us in an IT language life would be much easier."

silicon.com Financial Services

Get the latest financial services news straight to your inbox. Sign up for the FS newsletter today!

Also speaking at the event, Neil Dudleston, group information security officer at United Utilities, said: "If you express risk in the different languages make sure things are transparent and everyone does understand who is responsible for what."