Build an IT Risk Management Program

Mitigate the IT risks that could negatively impact your organization.

The Situation

Risk is unavoidable. Without a formal program to manage IT risk, you may be unaware of your severest IT risks.
The business could be making decisions that are not informed by risk.
Reacting to risks AFTER they occur can be costly and crippling, yet it is one of the most common tactics used by IT departments.

Build an IT Risk Management Program visualization

Transform your ad hoc IT risk management processes into a formalized, ongoing program, and increase risk management success.
Take a proactive stance against IT threats and vulnerabilities by identifying and assessing IT’s greatest risks before they occur.
Involve key stakeholders including the business senior management team to gain buy-in and to focus on IT risks most critical to the organization.

Blueprint Contents

Build an IT Risk Management Program – Phases 1-3
Integrated Risk Maturity Assessment
Risk Management Program Manual
Risk Register Tool
Risk Costing Tool
Risk Event Action Plan
Risk Report

Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.1/10

Overall Impact

$118,698

Average $ Saved

Average Days Saved

Member Testimonials
Client	American National Insurance Company Inc
Experience	Workshop
Impact	9/10
$ Saved	$34,000
Days Saved	5
Testimonial	Best part was Mark sharing his experience with us throughout the workshop. Worst part was the lack of a clear agenda for the workshop, so we could... Best part was Mark sharing his experience with us throughout the workshop. Worst part was the lack of a clear agenda for the workshop, so we could schedule the proper people at the proper times.

Member Testimonials
Client	AlTi Tiedemann Global
Experience	Guided Implementation
Impact	10/10
$ Saved	N/A
Days Saved	N/A
Testimonial	Ben was absolutely outstanding throughout the session. His expertise, clarity, and engagement made the experience highly valuable and very enjoyabl... Ben was absolutely outstanding throughout the session. His expertise, clarity, and engagement made the experience highly valuable and very enjoyable. I would like to extend my sincere congratulations and thanks to him for his excellent delivery and support. This was truly a great learning experience, and I really appreciate the effort and dedication that Ben put into it. Thank You!

Member Testimonials
Client	MAYOR AND CITY COUNCIL OF LAUREL
Experience	Guided Implementation
Impact	10/10
$ Saved	$34,000
Days Saved	50
Testimonial	Benoit is an amazing partner in It governance projects, and guided us expertly through the risk management program development process. Benoit is an amazing partner in It governance projects, and guided us expertly through the risk management program development process.

Member Testimonials
Client	Clayton County School District
Experience	Guided Implementation
Impact	8/10
$ Saved	$8,160
Days Saved	3
Testimonial	This subject is tough because we are building it from the ground up. It feels like this could be broken into 2 different implementations. This subject is tough because we are building it from the ground up. It feels like this could be broken into 2 different implementations.

Member Testimonials
Client	MDU Services LTD
Experience	Guided Implementation
Impact	8/10
$ Saved	N/A
Days Saved	N/A
Testimonial	Benoit was very flexible in terms of timings, tropics and how we navigated the blueprint. The negatives were more on my side with poor timing of lo... Benoit was very flexible in terms of timings, tropics and how we navigated the blueprint. The negatives were more on my side with poor timing of loosing a critical resource.. I suspect we may come back to this blueprint later in the year.

Member Testimonials
Client	New Mexico Department Of Health
Experience	Guided Implementation
Impact	10/10
$ Saved	$81,600
Days Saved	20
Testimonial

Member Testimonials
Client	California Department Of Technology
Experience	Workshop
Impact	10/10
$ Saved	$1.22M
Days Saved	75
Testimonial	Sumit's skill in connecting practical tools with real-world applications allowed us to view risks from new and valuable perspectives; Importance o... Sumit's skill in connecting practical tools with real-world applications allowed us to view risks from new and valuable perspectives; Importance of proactive risk management - identifying and managing it early reduces negative impacts; A structured risk program builds organizational resilience and supports strategic objectives; Different risk categories and tailored mitigation approach; Use tools like risk registers, brainstorming, and SWOT analysis to identify risks; Clearly define risk ownership; Foster a culture of transparency where staff are encouraged to report potential risks without fear; Aligns risk management with strategic goals, compliance obligations, and organizational performance; Establish a pilot risk register for our branch; Understanding risk management enhances leadership and decision-making capabilities. Upskill staff to enhance their career growth through accountability, strategic thinking, and governance literacy.

Member Testimonials
Client	Moly-Cop
Experience	Guided Implementation
Impact	9/10
$ Saved	$6,800
Days Saved	5
Testimonial

Member Testimonials
Client	Department of Home Affairs
Experience	Workshop
Impact	10/10
$ Saved	$22,500
Days Saved	23
Testimonial

Member Testimonials
Client	EMCO
Experience	Guided Implementation
Impact	10/10
$ Saved	N/A
Days Saved	N/A
Testimonial	Fantastic insights that have helped us further mature our IT risk management program and its effectivness. Fantastic insights that have helped us further mature our IT risk management program and its effectivness.

Member Testimonials
Client	Nebraska Public Power District
Experience	Workshop
Impact	9/10
$ Saved	N/A
Days Saved	N/A
Testimonial	The workshop was very helpful but seemed a little rushed at times. There was some content that was not covered. For example, we would have liked to... The workshop was very helpful but seemed a little rushed at times. There was some content that was not covered. For example, we would have liked to have discussed the risk register but did not.

Member Testimonials
Client	Geidea
Experience	Guided Implementation
Impact	10/10
$ Saved	N/A
Days Saved	20
Testimonial	I wanted to take a moment to acknowledge the outstanding performance of Benoit in risk management. His ability to explain all risks phases has bee... I wanted to take a moment to acknowledge the outstanding performance of Benoit in risk management. His ability to explain all risks phases has been crucial. The thoroughness and clarity of risk assessments have been invaluable in supporting our decision-making. I also appreciate how Benoit effectively collaborate and his attention to detail, strong analytical skills, and timely delivery of key insights have made a significant impact. Thank you for your dedication and hard work. Keep up the excellent work Benoit. Merci beaucoup pour ton soutien continu :)

Member Testimonials
Client	Roper Pump Company
Experience	Guided Implementation
Impact	9/10
$ Saved	N/A
Days Saved	N/A
Testimonial	The tools and resources provided. The tools and resources provided.

Member Testimonials
Client	Focused Education Resources
Experience	Guided Implementation
Impact	10/10
$ Saved	$11,500
Days Saved	5
Testimonial	Very helpful advice and support. Very helpful advice and support.

Member Testimonials
Client	City of Menifee
Experience	Workshop
Impact	9/10
$ Saved	N/A
Days Saved	N/A
Testimonial	Technology Risk management is a brand new undertaking for the City as a formal, documented process. This workshop provided the Risk Management tea... Technology Risk management is a brand new undertaking for the City as a formal, documented process. This workshop provided the Risk Management team with a good understanding of the process and methods for conducting formal risk assessments and developing the roadmap for execution.

Member Testimonials
Client	Ideal Boilers Limited
Experience	Guided Implementation
Impact	9/10
$ Saved	N/A
Days Saved	1
Testimonial	Framework examples will help greatly; populated proformas (to set the framework in context) would have helped further. Framework examples will help greatly; populated proformas (to set the framework in context) would have helped further.

Member Testimonials
Client	Regina Catholic Schools
Experience	Guided Implementation
Impact	10/10
$ Saved	$10,000
Days Saved	5
Testimonial	Valence was very knowledgeable and gave great insights to specific areas to focus on and where we can make improvements to achieve our goals. Valence was very knowledgeable and gave great insights to specific areas to focus on and where we can make improvements to achieve our goals.

Member Testimonials
Client	Midis Services FZ - LLC
Experience	Guided Implementation
Impact	9/10
$ Saved	N/A
Days Saved	14
Testimonial	assigning an unqualified resource from my end, since he wont be guided and the consultant expects the other party to have the minimum knowledge assigning an unqualified resource from my end, since he wont be guided and the consultant expects the other party to have the minimum knowledge

Member Testimonials
Client	Allegheny College
Experience	Guided Implementation
Impact	10/10
$ Saved	$6,850
Days Saved	3
Testimonial

Member Testimonials
Client	City Of Charlotte
Experience	Guided Implementation
Impact	10/10
$ Saved	$34,250
Days Saved	5
Testimonial	Valence continues to keep us pointed in the right direction on this launch of an IT Controls Program. I appreciate that he not only takes the time ... Valence continues to keep us pointed in the right direction on this launch of an IT Controls Program. I appreciate that he not only takes the time to explain the steps clearly but also emphasizes our next steps before ending the call.

Member Testimonials
Client	South Australian Water Corporation
Experience	Guided Implementation
Impact	1/10
$ Saved	N/A
Days Saved	N/A
Testimonial	The analyst had not reviewed our current risk management framework and plan prior to the call - the meeting was not valuable. The analyst had not reviewed our current risk management framework and plan prior to the call - the meeting was not valuable.

Member Testimonials
Client	Boston Dynamics
Experience	Guided Implementation
Impact	10/10
$ Saved	$68,500
Days Saved	5
Testimonial	Greg is very flexible, extremely experienced and we aligned easily on my desire to "right size" our risk management effort. Greg is very flexible, extremely experienced and we aligned easily on my desire to "right size" our risk management effort.

Member Testimonials
Client	MDU Services LTD
Experience	Guided Implementation
Impact	10/10
$ Saved	N/A
Days Saved	29
Testimonial	Best: Having a framework, supporting tools & templates and a dedicated named expert in the subject (Donna Bales) to hand hold us through the progr... Best: Having a framework, supporting tools & templates and a dedicated named expert in the subject (Donna Bales) to hand hold us through the programme. Worst: Slow progress from our side due to competing organisational priorities and as a result we are unable to sustain the momentum of the programme.

Member Testimonials
Client	Johnson County Library
Experience	Guided Implementation
Impact	9/10
$ Saved	$2,599
Days Saved	5
Testimonial

Member Testimonials
Client	MassMutual
Experience	Guided Implementation
Impact	10/10
$ Saved	$71,499
Days Saved	16
Testimonial

Member Testimonials
Client	Fernco Inc
Experience	Workshop
Impact	9/10
$ Saved	N/A
Days Saved	10
Testimonial	Best parts since this was an update from previous years, Sumit provided pre-work prior to the workshop so that more discussion time could be spent ... Best parts since this was an update from previous years, Sumit provided pre-work prior to the workshop so that more discussion time could be spent on the roadmap. Worst parts trying figure out a way to respond to the question "...estimate the financial impact our tools and advice will save you by the end of this project"

Member Testimonials
Client	Massey University
Experience	Workshop
Impact	3/10
$ Saved	N/A
Days Saved	N/A
Testimonial	Overall, I felt we gained very little from this exercise. It could be that we were starting from quite an advanced level of risk management to begi... Overall, I felt we gained very little from this exercise. It could be that we were starting from quite an advanced level of risk management to begin with, but overall, the feedback from the team was that this was not a good use their time nor was the outcome what we were after.

Member Testimonials
Client	Desert Lime Ltd
Experience	Guided Implementation
Impact	9/10
$ Saved	$20,500
Days Saved	23
Testimonial	Friendliness and support provided by the team Friendliness and support provided by the team

Member Testimonials
Client	The University of Alabama at Birmingham
Experience	Guided Implementation
Impact	10/10
$ Saved	$2,479
Days Saved	5
Testimonial	Worst - I waited too long before engaging with Info-tech for advice. Best - Having an Info-tech professional look at where I was going and what I ... Worst - I waited too long before engaging with Info-tech for advice. Best - Having an Info-tech professional look at where I was going and what I was doing and be able to see my data, analysis, and goals through their experience and offer options for proceeding. All of the options were good and viable.

Member Testimonials
Client	The Government of the Northwest Territories
Experience	Workshop
Impact	10/10
$ Saved	$22,000
Days Saved	50
Testimonial	Best - guided process by knowledgeable SMEs, InfoTechs flexibility in course delivery to meet our needs /Covid requirements. Deliverables are pract... Best - guided process by knowledgeable SMEs, InfoTechs flexibility in course delivery to meet our needs /Covid requirements. Deliverables are practical & give us a clear place to start. Worst - nothing Thank you!

Member Testimonials
Client	Experience	Impact	$ Saved	Days Saved	Testimonial
American National Insurance Company Inc	Workshop	9/10	$34,000	5	Best part was Mark sharing his experience with us throughout the workshop. Worst part was the lack of a clear agenda for the workshop, so we could... Best part was Mark sharing his experience with us throughout the workshop. Worst part was the lack of a clear agenda for the workshop, so we could schedule the proper people at the proper times.
AlTi Tiedemann Global	Guided Implementation	10/10	N/A	N/A	Ben was absolutely outstanding throughout the session. His expertise, clarity, and engagement made the experience highly valuable and very enjoyabl... Ben was absolutely outstanding throughout the session. His expertise, clarity, and engagement made the experience highly valuable and very enjoyable. I would like to extend my sincere congratulations and thanks to him for his excellent delivery and support. This was truly a great learning experience, and I really appreciate the effort and dedication that Ben put into it. Thank You!
MAYOR AND CITY COUNCIL OF LAUREL	Guided Implementation	10/10	$34,000	50	Benoit is an amazing partner in It governance projects, and guided us expertly through the risk management program development process. Benoit is an amazing partner in It governance projects, and guided us expertly through the risk management program development process.
Clayton County School District	Guided Implementation	8/10	$8,160	3	This subject is tough because we are building it from the ground up. It feels like this could be broken into 2 different implementations. This subject is tough because we are building it from the ground up. It feels like this could be broken into 2 different implementations.
MDU Services LTD	Guided Implementation	8/10	N/A	N/A	Benoit was very flexible in terms of timings, tropics and how we navigated the blueprint. The negatives were more on my side with poor timing of lo... Benoit was very flexible in terms of timings, tropics and how we navigated the blueprint. The negatives were more on my side with poor timing of loosing a critical resource.. I suspect we may come back to this blueprint later in the year.
New Mexico Department Of Health	Guided Implementation	10/10	$81,600	20
California Department Of Technology	Workshop	10/10	$1.22M	75	Sumit's skill in connecting practical tools with real-world applications allowed us to view risks from new and valuable perspectives; Importance o... Sumit's skill in connecting practical tools with real-world applications allowed us to view risks from new and valuable perspectives; Importance of proactive risk management - identifying and managing it early reduces negative impacts; A structured risk program builds organizational resilience and supports strategic objectives; Different risk categories and tailored mitigation approach; Use tools like risk registers, brainstorming, and SWOT analysis to identify risks; Clearly define risk ownership; Foster a culture of transparency where staff are encouraged to report potential risks without fear; Aligns risk management with strategic goals, compliance obligations, and organizational performance; Establish a pilot risk register for our branch; Understanding risk management enhances leadership and decision-making capabilities. Upskill staff to enhance their career growth through accountability, strategic thinking, and governance literacy.
Moly-Cop	Guided Implementation	9/10	$6,800	5
Department of Home Affairs	Workshop	10/10	$22,500	23
EMCO	Guided Implementation	10/10	N/A	N/A	Fantastic insights that have helped us further mature our IT risk management program and its effectivness. Fantastic insights that have helped us further mature our IT risk management program and its effectivness.
Nebraska Public Power District	Workshop	9/10	N/A	N/A	The workshop was very helpful but seemed a little rushed at times. There was some content that was not covered. For example, we would have liked to... The workshop was very helpful but seemed a little rushed at times. There was some content that was not covered. For example, we would have liked to have discussed the risk register but did not.
Geidea	Guided Implementation	10/10	N/A	20	I wanted to take a moment to acknowledge the outstanding performance of Benoit in risk management. His ability to explain all risks phases has bee... I wanted to take a moment to acknowledge the outstanding performance of Benoit in risk management. His ability to explain all risks phases has been crucial. The thoroughness and clarity of risk assessments have been invaluable in supporting our decision-making. I also appreciate how Benoit effectively collaborate and his attention to detail, strong analytical skills, and timely delivery of key insights have made a significant impact. Thank you for your dedication and hard work. Keep up the excellent work Benoit. Merci beaucoup pour ton soutien continu :)
Roper Pump Company	Guided Implementation	9/10	N/A	N/A	The tools and resources provided. The tools and resources provided.
Focused Education Resources	Guided Implementation	10/10	$11,500	5	Very helpful advice and support. Very helpful advice and support.
City of Menifee	Workshop	9/10	N/A	N/A	Technology Risk management is a brand new undertaking for the City as a formal, documented process. This workshop provided the Risk Management tea... Technology Risk management is a brand new undertaking for the City as a formal, documented process. This workshop provided the Risk Management team with a good understanding of the process and methods for conducting formal risk assessments and developing the roadmap for execution.
Ideal Boilers Limited	Guided Implementation	9/10	N/A	1	Framework examples will help greatly; populated proformas (to set the framework in context) would have helped further. Framework examples will help greatly; populated proformas (to set the framework in context) would have helped further.
Regina Catholic Schools	Guided Implementation	10/10	$10,000	5	Valence was very knowledgeable and gave great insights to specific areas to focus on and where we can make improvements to achieve our goals. Valence was very knowledgeable and gave great insights to specific areas to focus on and where we can make improvements to achieve our goals.
Midis Services FZ - LLC	Guided Implementation	9/10	N/A	14	assigning an unqualified resource from my end, since he wont be guided and the consultant expects the other party to have the minimum knowledge assigning an unqualified resource from my end, since he wont be guided and the consultant expects the other party to have the minimum knowledge
Allegheny College	Guided Implementation	10/10	$6,850	3
City Of Charlotte	Guided Implementation	10/10	$34,250	5	Valence continues to keep us pointed in the right direction on this launch of an IT Controls Program. I appreciate that he not only takes the time ... Valence continues to keep us pointed in the right direction on this launch of an IT Controls Program. I appreciate that he not only takes the time to explain the steps clearly but also emphasizes our next steps before ending the call.
South Australian Water Corporation	Guided Implementation	1/10	N/A	N/A	The analyst had not reviewed our current risk management framework and plan prior to the call - the meeting was not valuable. The analyst had not reviewed our current risk management framework and plan prior to the call - the meeting was not valuable.
Boston Dynamics	Guided Implementation	10/10	$68,500	5	Greg is very flexible, extremely experienced and we aligned easily on my desire to "right size" our risk management effort. Greg is very flexible, extremely experienced and we aligned easily on my desire to "right size" our risk management effort.
MDU Services LTD	Guided Implementation	10/10	N/A	29	Best: Having a framework, supporting tools & templates and a dedicated named expert in the subject (Donna Bales) to hand hold us through the progr... Best: Having a framework, supporting tools & templates and a dedicated named expert in the subject (Donna Bales) to hand hold us through the programme. Worst: Slow progress from our side due to competing organisational priorities and as a result we are unable to sustain the momentum of the programme.
Johnson County Library	Guided Implementation	9/10	$2,599	5
MassMutual	Guided Implementation	10/10	$71,499	16
Fernco Inc	Workshop	9/10	N/A	10	Best parts since this was an update from previous years, Sumit provided pre-work prior to the workshop so that more discussion time could be spent ... Best parts since this was an update from previous years, Sumit provided pre-work prior to the workshop so that more discussion time could be spent on the roadmap. Worst parts trying figure out a way to respond to the question "...estimate the financial impact our tools and advice will save you by the end of this project"
Massey University	Workshop	3/10	N/A	N/A	Overall, I felt we gained very little from this exercise. It could be that we were starting from quite an advanced level of risk management to begi... Overall, I felt we gained very little from this exercise. It could be that we were starting from quite an advanced level of risk management to begin with, but overall, the feedback from the team was that this was not a good use their time nor was the outcome what we were after.
Desert Lime Ltd	Guided Implementation	9/10	$20,500	23	Friendliness and support provided by the team Friendliness and support provided by the team
The University of Alabama at Birmingham	Guided Implementation	10/10	$2,479	5	Worst - I waited too long before engaging with Info-tech for advice. Best - Having an Info-tech professional look at where I was going and what I ... Worst - I waited too long before engaging with Info-tech for advice. Best - Having an Info-tech professional look at where I was going and what I was doing and be able to see my data, analysis, and goals through their experience and offer options for proceeding. All of the options were good and viable.
The Government of the Northwest Territories	Workshop	10/10	$22,000	50	Best - guided process by knowledgeable SMEs, InfoTechs flexibility in course delivery to meet our needs /Covid requirements. Deliverables are pract... Best - guided process by knowledgeable SMEs, InfoTechs flexibility in course delivery to meet our needs /Covid requirements. Deliverables are practical & give us a clear place to start. Worst - nothing Thank you!

ITRG Provides Proven Results for IT Leaders

30,000+

ITRG members spanning the Global 2000

$400M+

Cut from IT costs with our pricing intelligence and advisory support

+8%

Increase in stakeholder satisfaction where IT leaders used Info-Tech services

9.5/10

Member-related value across +50,000 analyst calls, workshops and projects

About Info-Tech Research Group

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

Our Offices

Arlington, VA

1225 South Clark Street, Suite 1310

Arlington, VA, USA
22202

Las Vegas, NV

3960 Howard Hughes Parkway, Suite 500

Las Vegas, NV, USA
89169

London, ON

345 Ridout Street North

London, ON, Canada
N6A 2N8

London, UK

10 York Road, Suite 5W127

London, United Kingdom
SE1 7ND

Singapore

71 Robinson Road, #14-130

Singapore
068895

Sydney, NSW

320 Pitt Street, Level 6

Sydney, NSW, Australia
2000

Toronto, ON

888 Yonge Street

Toronto, ON, Canada
M4W 2J2