It Risk Management: From IT Necessity to Strategic Business Value
With information technology becoming an increasingly important part of every enterprise, managing IT risk has become critically important for CIOs and their business counterparts. However, the complexity of IT makes it very difficult to understand and make good decisions about IT risks. CISR research has identified four business risks - Availability, Access, Accuracy, and Agility - that are most affected by IT. Since nearly every major IT decision involves conscious or unconscious tradeoffs among the four IT risks, IT and business executives must understand and prioritize their enterprise's position on each. Three core disciplines - IT foundation, risk governance process, and risk aware culture - constitute an effective risk management capability. Enterprises that build the three core disciplines manage risk more effectively and their business executives have better understanding of their IT risk profile and risk tradeoffs. When done well, IT risk management matures from a set of difficult compliance and threat-reduction activities to become a true source of agility and business value.
|Date of creation:||07 Dec 2007|
|Date of revision:|
|Contact details of provider:|| Postal: |
Web page: http://mitsloan.mit.edu/
More information through EDIRC
|Order Information:|| Postal: MASSACHUSETTS INSTITUTE OF TECHNOLOGY (MIT), SLOAN SCHOOL OF MANAGEMENT, 50 MEMORIAL DRIVE CAMBRIDGE MASSACHUSETTS 02142 USA|
When requesting a correction, please mention this item's handle: RePEc:mit:sloanp:39809. See general information about how to correct material in RePEc.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (Christian Zimmermann)
If references are entirely missing, you can add them using this form.