 |
Governance is a Four-Letter Word
It's probably true in more ways than one, but the four-letter word I'm thinking of is RISK. The ultimate objective of IT governance is two-fold: enhance business value and reduce business risk from information technology. A recent book I read does a pretty good job of addressing the latter, and goes onto my "Recommended Reading" bookshelf. As IT continues to grow in strategic importance — and let's face it, IT "arrived" years ago, naysayers be damned — IT is also a source of increasing business risk and disruption. The vulnerability of airlines to any technological malfunction (or, of course, misalignment in the human-computer interface) is a stellar example of the disruptive power of IT. By now, we are all fairly adept at identifying risks in technology projects, but too often our view of the risks ends with the immediate impact related to the project and project stake-holders. What is needed is the ability to follow the risk threads to the logical end. In most cases, this end is the threat to one or more business processes, which can seriously disrupt the enterprise and, hence, impact enterprise stake-holders. IT Risk: Turning Business Threats into Competitive Advantage, by George Westerman and Richard Hunter (Harvard Business School Press) does a great job of discussing technology risk in the context of business disruption. The book also proposes an approach to address technology risk, driven by… • Three "Core Disciplines" of risk management The "Monk" in me secretly laments that the authors could not find either six or twelve ideas for executives instead of ten… the math would have been so satisfying… but in other respects, the book is more than satisfactory. I'm a strong believer in the maxim that the state of the organization reflects the state of the leadership, and this extends to risk management. IT risk management is a topic that no technology (or business) executive can afford to ignore, and I agree with the book's premise that "A risk-aware culture starts at the top." What have you done for risk management lately?  E-MAIL | SLASHDOT | DIGG This is a public forum. CMP Technology and its affiliates are not responsible for and do not control what is posted herein. CMP Technology makes no warranties or guarantees concerning any advice dispensed by its staff members or readers. Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of CMP Media LLC and may be edited and republished in print or electronic format as outlined in CMP Technology's Terms of Service. Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
|
|
Blog Channels
Cindi Howson on Business Intelligence The Brain Food Blogger Tony Byrne on Content Management SQL Puzzlers by Joe Celko Rajan Chandras on IT & Information Management Seth Grimes on Analytics In Context by Doug Henschen Phil Kemelor on Web Analytics Sandy Kemsley's Column Two Nelson King on Enterprise App Development David Linthicum on Software as a Service Natural Insight, By Mark Madsen Alan Pelz-Sharpe on Content Management Mark Smith on Performance Management Neil Raden on Business Intelligence Bruce Silver on Business Process Management Product Maven  Subscribe to RSS Archives
|
|
|