Strategy Execution for Risk Management

By Faisal Hoque Print this article Print

Risk management and IT continuity are complex and critical disciplines.

No investments can be effective in the long term without consideration of risk. The consequences of not doing adequate business continuity planning can be potentially disastrous.

The outcomes of inadequate risk management span the gamut from financial losses to a loss of customer goodwill that may well threaten the long-term viability and survival of a firm. Today, with an increasingly unforgiving regulatory environment and legislation such as Sarbanes-Oxley that requires business technology systems to function without error, executives need to be concerned about risk management more than ever before.

Business risks can be both internal to the firm, such as rolling out an inadequately tested system, as well as environmental, in the form of an unanticipated natural disaster. This two-sided model creates a challenge for business and technology executives. The former type of risk is somewhat more recurring, predictable and perhaps controllable, and, therefore, the business case for investment in risk management is often easier to justify. Meanwhile, the latter type of risk is unanticipated and episodic, and the typical firm questions the outlay of resources to protect against such rare occurrences.

At its essence, risk management involves three steps:
(1)    Identifying the nature of risks inherent in the situation
(2)    Assessing the likelihood of the risks manifesting themselves
(3)    Taking preventive and corrective action to reduce the firm’s level of exposure to the risk.

The past three decades of business computing have contributed much to our understanding of risk in the technology context. Unfortunately, a dominant focus in this prior work has been narrow – on controlling and managing projects, rather than on the broader risks that executives face in firms where technology is deeply and fundamentally embedded within the business. Indeed, the turn of the century has heralded significant changes in the business technology milieu that have created a compelling need to expand the focus of risk management from the micro project view to a broader enterprise perspective.

These changes include an increasing emphasis on:
(1)    “Buying” and customizing packaged solutions rather than building systems in-house, i.e., on solutions integration rather than software development
(2)     Partnering with a wide array of providers to acquire needed technical competencies and skills, including taking advantage of off-shore resources
(3)    Using business technology for systems that span organizational boundaries and help link customers, through electronic commerce and CRM systems, suppliers, through fully integrated electronic supply chains, and other business partners together
(4)    Deploying business technology as the platform upon which the entire business is run.

This article was originally published on 2009-05-05
Faisal Hoque, Founder, Chairman and CEO, BTM Corporation Faisal Hoque is the Founder, Chairman and CEO of the Business Technology Management Corporation. BTM Corporation innovates new business models, enhances financial performance, and improves operational efficiency at leading global corporations, government agencies, and social businesses by converging business and technology with its unique products and intellectual property (IP). A former senior executive at General Electric (GE) and other multi-nationals, Mr. Hoque is an internationally known, visionary entrepreneur and award winning thought leader. He conceived and developed Business Technology Management (BTM) to direct the social and economic growth of organizations by converging business and technology, helping transform them into "whole-brained enterprises." He is the author of "The Alignment Effect," "Winning the 3-Legged Race," and "Sustained Innovation," among other publications.
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.