The Risk Intelligent CIO: Becoming a Front-Line IT Leader in a Risky World
In a business world as fraught with new risks as it is entwined with new technology, chief information officers (and those they report to) are increasingly aware that IT-related problems can come at a staggering cost to an organization’s bottom line and reputation.
10 Key Steps to Risk Intelligence
Strategic
1. Drive the principles of intelligent risk management from the top down and embed them into the culture of the organization.
Risk Identification
2. Link risk directly to value creation and strategic initiatives.
Risk Assessment
3. Leverage probabilities when appropriate, but consider your vulnerabilities when assessing the risk of unique or unknowable events.
4. Recognize how quickly risk situations can accelerate in the age of the Internet and global communication.
5. Improve the accuracy of assessing and measuring loss of value (opportunities missed due to unanticipated or poorly managed risk).
6. Identify and address the root causes of failure: people, processes, systems, external factors.
Risk Response
7. Prepare appropriately for finite, relevant, high-impact events.
Design and Test Controls
8. Harmonize (ensure risk managers all speak the same language), synchronize (coordinate across institutional boundaries), and rationalize (eliminate duplication of effort) risk management requirements.
Monitoring and Assurance
9. Leverage internal audit to gain independent assurance that appropriate mitigating processes are in place.
Sustainable Capability
10. Identify and close gaps in required capabilities in a timely manner.