
Integrate IT Risk Management With Enterprise Risk

If IT security execs want great buy-in for their efforts, they need to make themselves more important to the organization as a whole. According to Ericka Chickowski, this means IT governance and risk need to merge with overall enterprise risk management. With this integration and executive-level support of IT security, getting funding and resources can become just a matter of business instead of an outside request.

Citing an Ernst & Young report, Chickowski shows how enterprise and risk management generally develops without any alignment to the rest of the business, and this is a mistake:

“A challenging economy, natural disasters, and technology threats have dominated the news of recent years,” says Jerry Goldberg, partner at Navigate, a management consulting firm in Philadelphia. “Governance boards and executives are under increased scrutiny to provide shareholders with peace of mind that a company's risks — strategic, operational, financial, and compliance — are proactively being identified and mitigated.”

Unfortunately, when IT risk management is siloed off from the rest of the enterprise risk management program, it becomes difficult to offer that peace of mind: communication gets confused because, for example, the language that IT risk managers speak doesn't jibe with the language financial risk managers speak.

There are ways to bring together the different silos of risk management, including using the same process no matter what area of risk management is being addressed, utilizing risk management to help facilitate action through data mining, and helping the business determine the right balance between risk, cost, and value.

About Matthew Kabik

Matthew Kabik is the former Editor of Computer Aid's Accelerating IT Success. He worked at Computer Aid, Inc. from 2008 to 2014 in the Harrisburg offices, where he was a copywriter, swordsman, social media consultant, and trainer before moving into editorial.
