Gartner Says IT Needs To Better Manage Risk -- Redmondmag.com

Gartner Says IT Needs To Better Manage Risk

Despite IT operations becoming more integral to a company's business success, larger enterprises have failed to adjust their processes for IT decision making and risk-management. This assertion was made yesterday at the Gartner Symposium/ITxpo 2007 conference in Orlando by Richard Hunter, group vice president and Gartner fellow in Gartner Executive Programs.

Hunter, who co-wrote the recently released book IT Risk: Turning Business Threats into Competitive Advantage, also said there has been an increased dependence on the "smooth functioning" of IT, which has served only to amplify the business impact of IT risk incidents.

"IT risk incidents harm constituencies within and outside companies," Hunter said. "They damage corporate reputations and expose weaknesses in companies' management teams. Most importantly, uncontrolled IT risk dampens an organization's ability to compete."

Hunter defined IT risk as a threat to any of four business objectives: the availability of IT systems and business processes; the right people in an organization having access to the data and systems; the reliability of IT systems to provide accurate and timely information; and the agility of IT systems to change if a company either acquires another organization or implements a significantly different business process redesign.

IT risk factors are something to be managed, not eliminated, Hunter said, adding that proper management means making trade-offs between risk and return, between the perils a company can bear and the risks it would rather avoid. Until now, however, business managers haven't had the tools or disciplines to manage IT risk.

He suggested there are three disciplines IT managers should learn to manage IT risk, including a foundation of IT assets, people and supporting processes, a well thought-out risk governance structure and process, and the establishment of a risk-aware culture that attunes users to the causes and possible solutions for IT risks.

Posted by Ed Scannell on 10/11/2007 at 1:23 PM

Featured

Choosing the Right SSID for Your Network

Attracting attention, whether through a default or funny Wi-Fi name, could lead to a security issue.
Microsoft Outlines Latest Security Efforts at Ignite

In the wake of last year's CrowdStrike incident, Microsoft has worked to publicly rehabilitate its security image through new initiatives and public commitments to improve. That push continued this week at Ignite, where Microsoft announced a handful of new security tools and updates.
Nadella on Copilot: 'Major Platform Shifts Are in the Air'

As should be no surprise, Copilot took center stage during Microsoft CEO Satya Nadella's keynote speech to open Microsoft Ignite 2024.
Azure AI Foundry Revealed at Microsoft Ignite

Microsoft is consolidating its Azure generative AI tools into a unified platform named Azure AI Foundry.
Microsoft Bolsters Fabric at Ignite

While Fabric has improved in the year since its release, there are still some glaring issues with the platform.