Managing Risk from a Board`s Eye View

By Faisal Hoque  |  Posted 2008-09-15 Email Print this article Print
 
 
 
 
 
 
 

As business technology becomes embedded in core organizational processes, control systems and decision support systems, it is vital that boards appreciate the material risks due to technology and understand the risk-mitigation strategy. Intensified concerns about risk management, auditing and fraud detection, and corporate governance have sensitized boards and top management teams to adopt an even more active role in the oversight of business strategy and key enterprise activities.

Intensified concerns about risk management, auditing and fraud detection, and corporate governance have sensitized boards and top management teams to adopt an even more active role in the oversight of business strategy and key enterprise activities. Significant regulations such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act and the Patriot Act have further raised the stakes.

The failure to meet the required attestations, the unintended violations of privacy and confidentiality, or the heightened vulnerabilities to identity thefts are likely to invite adverse reactions from regulators and from the stock market. As business technology becomes embedded in core organizational processes, control systems and decision support systems, it is vital that boards appreciate the material risks due to technology and understand the risk-mitigation strategy.

An enterprisewide perspective is needed to guide the use of business technology in implementing effective, economical enterprise risk management systems that facilitate both management control and performance auditability. With greater complexity in the processes and structures for managing business technology (as a result of outsourcing, offshoring, and applications and Web site hosting, for example), there is a need for more sophisticated models of enterprisewide risk assessment that factor in not just the internal risks, but also the risks inherent in sourcing and external partnering.

Boards and top management teams must provide active oversight over the impact business technology risks have on the business, and ensure the effectiveness of the governance systems in mitigating these risks. Boards must remain vigilant, always looking at both the business and technology sides of their organizations.

Dr. Leslie Willcocks, professor in technology work and globalization at the London School of Economics, observes many companies, and has a deep understanding of the risks they face and how well they manage them. According to Willcocks, one of the most common risk-related issues organizations face is strategic in nature, caused by a disconnect between technology and the business. He explains:

A frequent problem I see is that the business doesn’t understand how technology can be used. They don’t have a technology view of their business. People very often accuse IT people of not being business-focused. But I think there’s an alternative accusation: Business managers and business strategists don’t really have a technology view of their business, and yet this stuff is absolutely in the skeleton of the operation. It’s a two-way thing, and quite frequently, technology gets blamed for things that business people are not actually doing themselves.

Strategic risk refers to the vulnerabilities companies face because of poorly envisioned or executed business strategies. Within business technology management, the focus is on risks at the intersection of business technology and business strategy. Regulatory compliance refers to corporate adherence to different regulatory expectations related to financial reporting and data management. Poor regulatory compliance invites liabilities of civil or criminal punishment and shareholder lawsuits. Other forms of risk include systems and sourcing risks. Although business and technology executives are likely to manage those forms of risk, the management of strategic risk and regulatory compliance must reside at the board level.



12>
 
 
 
 
Faisal Hoque, Founder, Chairman and CEO, BTM Corporation Faisal Hoque is the Founder, Chairman and CEO of the Business Technology Management Corporation. BTM Corporation innovates new business models, enhances financial performance, and improves operational efficiency at leading global corporations, government agencies, and social businesses by converging business and technology with its unique products and intellectual property (IP). A former senior executive at General Electric (GE) and other multi-nationals, Mr. Hoque is an internationally known, visionary entrepreneur and award winning thought leader. He conceived and developed Business Technology Management (BTM) to direct the social and economic growth of organizations by converging business and technology, helping transform them into "whole-brained enterprises." He is the author of "The Alignment Effect," "Winning the 3-Legged Race," and "Sustained Innovation," among other publications.
 
 
 
 
 
 

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters



















 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date