Software // Information Management
Commentary
9/10/2007
07:24 AM
Rajan Chandras
Rajan Chandras
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Governance is a Four-Letter Word

It's probably true in more ways than one, but the four-letter word I'm thinking of is RISK. The ultimate objective of IT governance is two-fold: enhance business value and reduce business risk from information technology. A new book out from the Harvard Business School Press does a pretty good job of addressing the latter and goes onto my "Recommended Reading" bookshelf.

It's probably true in more ways than one, but the four-letter word I'm thinking of is RISK. The ultimate objective of IT governance is two-fold: enhance business value and reduce business risk from information technology. A recent book I read does a pretty good job of addressing the latter, and goes onto my "Recommended Reading" bookshelf.

As IT continues to grow in strategic importance - and let's face it, IT "arrived" years ago, naysayers be damned - IT is also a source of increasing business risk and disruption. The vulnerability of airlines to any technological malfunction (or, of course, misalignment in the human-computer interface) is a stellar example of the disruptive power of IT.By now, we are all fairly adept at identifying risks in technology projects, but too often our view of the risks ends with the immediate impact related to the project and project stake-holders. What is needed is the ability to follow the risk threads to the logical end. In most cases, this end is the threat to one or more business processes, which can seriously disrupt the enterprise and, hence, impact enterprise stake-holders.

IT Risk: Turning Business Threats into Competitive Advantage, by George Westerman and Richard Hunter (Harvard Business School Press) does a great job of discussing technology risk in the context of business disruption. The book also proposes an approach to address technology risk, driven by…

• Three "Core Disciplines" of risk management • A four-pronged framework for managing IT risk • Five key practices for effective IT risk governance, and last but not the least • Ten ways executives can improve IT risk management

The "Monk" in me secretly laments that the authors could not find either six or twelve ideas for executives instead of ten… the math would have been so satisfying… but in other respects, the book is more than satisfactory.

I'm a strong believer in the maxim that the state of the organization reflects the state of the leadership, and this extends to risk management. IT risk management is a topic that no technology (or business) executive can afford to ignore, and I agree with the book's premise that "A risk-aware culture starts at the top."

What have you done for risk management lately?It's probably true in more ways than one, but the four-letter word I'm thinking of is RISK. The ultimate objective of IT governance is two-fold: enhance business value and reduce business risk from information technology. A new book out from the Harvard Business School Press does a pretty good job of addressing the latter and goes onto my "Recommended Reading" bookshelf.

Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 24, 2014
Start improving branch office support by tapping public and private cloud resources to boost performance, increase worker productivity, and cut costs.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.