Main Menu
Home / IT Governance / Integrating Business Continuity Management with IT Risk Management

Integrating Business Continuity Management with IT Risk Management

It is difficult to make an informed decision when you can’t see the whole picture. Unfortunately, many executives are forced to make critical risk management choices while only having a fragmented view of what is going on. This is the focus of an article by Chris Goodwin, Co-Founder and CTO of LockPath. Goodwin argues that the separation of business continuity management and IT support may be contributing to the cause of less than desirable risk management:

Traditionally, this separation between BCM and IT has occurred and persisted due to a lack of shared world-view. BCM teams have been employing a risk-based approach for longer than IT or their cousin information security (infosec) teams. Additionally, the data-sets used for managing each program has often had minimal overlap, for better or for worse. Similarly, reporting tools tend to have little overlap as they tend to grow independently to meet the needs of each faction, rather than coming from a common pedigree. Fortunately, IT GRC tools have now begun integrating BCM functions and reporting, allowing business leaders better, more complete insight into operational risk.

Goodwin also mentions that there is a good deal of consideration needed when using tools. What do we need? How much do we need? Do we even need anything? Goodwin notes that one must decide if a tool helps to break down silos, eliminates redundant efforts, and/or leverages expertise from IT. If your tool fails to meet even one of these requirements, it is most likely not useful for your risk management.

Goodwin reminds us that the ability to evolve to deal with business needs and risk management is one of the most critical components to success. Business continuity and risk management may never be on the same page, and everyone must be prepared for this reality. If your organization as a whole is able to adapt and resist falling into futile habits, you will surely see a return on your efforts.

About Anne Grybowski

Anne is a former staff writer for CAI's Accelerating IT Success, with a degree in Media Studies from Penn State University.

Check Also

How to Identify and Manage Secondary Risks

Have you ever created a problem in trying to solve one? Secondary risks, or risks …

Leave a Reply

Your email address will not be published. Required fields are marked *

Sorry, but this content
is for our subscribers only!

But subscribing to ACCELERATING IT SUCCESS is FREE and only one click away!
Join more than 40,000 IT Professionals and get the best IT management articles to your mailbox with Accelerating IT Success!

Unsubscribe at any time