While IT has become increasingly central to business success, many enterprises have not adjusted their processes for IT decision making and risk management, according to Gartner.
In the book “IT Risk: Turning Business Threats into Competitive Advantage”, Richard Hunter, group vice-president and Gartner fellow in Gartner Executive Programmes, and George Westerman, research scientist in the Centre for Information Systems Research at the MIT Sloan School of Management, examine how IT risks directly impact business performance, and advise business executives on how they can manage IT risk as business risk with business consequences.
The authors defined IT risk as a threat to any of four interrelated business objectives:
Business objective: Availability
IT risk: Will a company’s IT systems and business processes continue running, and will they recover from interruptions?
Business objective: Access
IT risk: Do the right people in an organisation have access to the data and systems they need to do their jobs? Are the wrong people blocked from access to those data and systems?
Business objective: Accuracy
IT risk: Can a company’s IT systems be relied on to provide correct, timely, and complete information that meets the requirements of management, staff, customers, suppliers, and regulators?
Business objective: Agility
IT risk: Do the organisation’s IT systems possess the capability to change if the company acquires another firm, completes a major business process redesign, or launches a new product or service?
Hunter introduced three disciplines that enterprises must master to manage IT risk effectively:
A solid foundation of IT assets, people, and supporting processes and controls that enable executives to manage the right risks in the right order.
A well-designed risk governance structure and process: integrating IT risk management into every business decision to identify, prioritise and track risks.
A risk-aware culture, nurtured from the top, that attunes people to the causes and solutions for IT risks and that increases vigilance across the organisation.


