Understanding RiskBy Samuel Greengard | Posted 2009-08-04 Print
In today’s data-centric world, organizations are striving to do a better job of recognizing and containing risks.
Enterprise risk management can touch all corners of an enterprise. However, governance, risk and compliance (GRC) typically addresses four primary challenges:
1 Business Risk: This consists of actual threats to the organization, including its products, services, intellectual property and records. Business leaders must communicate to IT leaders what issues exist and where data might reside.
2 Technology Risk: It’s important to understand what pieces of information need to be protected in what way, so that an organization can build the right IT infrastructure, says Karl Kispert, director of the Corporate Governance Advisory Practice at Huron Consulting Group. System security is also at the core of successful GRC.
3 Legal/Regulatory Risk: An organization must establish processes and systems that match legal requirements, whether that involves an e-discovery system that must comply with an e-mail retention rule or storage and encryption standards for managing credit card data.
4 External Risk: IT must address all external threats related to data storage and retention, as well as information life-cycle management. IT needs to play a central role in protecting and disposing of data properly.
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...