Create a Formal Risk Management Strategy
Strategize with the business in mind, but be prepared to act alone.
Send a friend or colleague a link to this article
Last Revised: November 28, 2012
- IT is responsible for protecting corporate assets, and business secrets from risk exposure. Organizations who approach risk management in an ad-hoc manner have trouble protecting the organization from risk, and therefore struggle establishing IT credibility with the business.
- IT leaders need to create a formal risk management strategy to maximize risk management success which will protect the organization’s assets, and business processes.
- IT leaders need to actively engage the business throughout their formal risk management strategy (identifying, assessing, and mitigating risk); however, IT must earn business involvement by proving the value of risk management to business executives.
- Risk management success is derived from the following seven benefits: project completion, managing IT related business risks, delivering IT services in line with business requirements, securing information processing, communicating cost/benefits of risks, supporting business compliance, and complying with external laws and regulations. Organizations that used a formal risk management strategy had approximately 53% more risk management success than those who used an ad-hoc approach.
- Organizations who used a formal risk management strategy had approximately 80% more business involvement success than those that used an ad-hoc approach.
- Business involvement adds serious value to the success of a risk management strategy as IT gets perspective and insights about business processes that it is unable to get on its own. Organizations that were successful in obtaining business involvement had approximately 59% more risk management success than those who did not have business involvement.
Impact and Result
- Use a formal risk management strategy to systematically identify risk events using nine risk scenarios, assess each risk event’s likelihood and impact, and create risk mitigation plans that cater to business requirements.
- Enable the business to drive faster by taking advantage of the risk management strategy benefits, and simultaneously gain credibility from business executives.
Get to Action
Build a strategy for formal risk management
Realize the seven benefits that comprise risk management success.
Identify, assess, and determine mitigation responsibilies for risk events
Track risk events through reporting and dashboards.
Learn about scenario based risk management
Gain business-IT collaboration within your risk management strategy.