Managing risk is not a rigid and formal activity. Actually, it’s a lot more like dancing. IT must move to the tempo of technological change and lead its business partner, giving the business useful cues while being careful not to trip or to step on its partner’s feet! A post by Pearl Zhu illustrates the more nuanced and positive aspects of the risk management “structure.”
Connecting the Steps
Some of the best dances have many rules and steps to follow. Risk management, compliance, internal audit, business processes, continuous improvement, and other functions act as a form of fluid structure that guide the proper movements and actions of IT risk management. Of course, the individual methods don’t act in isolation. An effective risk strategy involves considerable coordination between them.
Training the ‘Mind’ of Risk Culture
Just as dancing as an exercise involves control of the mind, IT risk management hinges not only on processes and techniques, but on people. It takes a kind of ‘culture of focus’ to steer projects properly, and one out-of-synch person acts like an organizational distraction. Don’t neglect human change strategies in your efforts at risk management. It is the most time-consuming and also the most involved aspect of risk.
Risk Metrics in Motion
Once all your basic organizational elements are in sync–the business with IT, various departments, managers and team members–you can really start to move to the beat! The proper risk metrics will synchronize and optimize efforts at the proper scale. Individuals will get the gist of ratio-based scalar measurements, ordinal ranking scales and the like. Eventually, you’ll end up with a flexible and agile culture of risk management dancers.
To read the original post, visit: http://futureofcio.blogspot.com/2014/12/what-is-positive-aspect-of-risk.html