Pink Elephant Blog
A Risk by Any Other Name is Still a Risk
In my role, I have the privilege of being asked to speak at various conferences on topics related to IT Management. Earlier this year I attended a gathering of IT professionals focused on Risk Management. Un-surprisingly there was an emphasis on the growing list of business legislation with an IT impact. During one of the networking breaks I sat around a table with a group of people who were obviously from the same financial organization. After introductions I made polite conversation in order to understand more about their organization and why they were attending the conference. Throughout this conversation some interesting facts began to emerge. Each of the individuals from this organization dealt with Risk Management as a primary focus of their job. (Corporate Risk Management, IT Risk Management, Information Security, and Internal Audit) What became obvious was that for the most part these folks from the same company only new each other on a casual basis. More surprising was that they viewed their jobs as completely independent. So much so that each used their own model, and tool for risk classification which in no way aligned with each other or was used for a common purpose. So my question to the reader of this blog is in what universe does this make sense? Yet a majority of organizations I work with are setup in a very similar model. Consider:
- The financial results of a company are directly a product of the business roles and processes that generate them.
- The business processes are for a large part automated by IT Services and Systems with no practical ability to revert to manual or non automated means
- The IT services are managed, delivered and supported by IT processes
- IT Professionals are directly responsible for the IT Processes
For all practical purposes there is not true ability to separate the business from its underlying technology and supporting management processes. Troy We notice things that don't work. We don't notice things that do. We notice computers, we don't notice pennies. We notice e-book readers, we don't notice books. ~ Douglas Adams (1952 - 2001), The Salmon of Doubt
Like this article? 
Comments