Recently IBM released its 2010 Global IT Risk Study. According to the study 74% of those surveyed agreed that the greatest benefit of improving IT Risk Management is that it ensures business continuity.
The article goes on to define business continuity as more than a natural disaster preparedness plan. “It is really about building a risk-aware culture – making sure that the necessary tools, processes and methodologies are in place, and that every individual in the organization is aware of their responsibility in regard to the safety and integrity of data.”
What a clear picture this depicts. Every business continuity plan (BCP) should take care to:
- Infuse culture with risk awareness. This starts at the top and involves more than IT.
- Invest in the right applications that help manage and mitigate risk
- Ensure that processes and methodologies are accurate and documented. Always review, revise, rewrite
- Create a program that trains and retrains employees on risk awareness and holds everyone accountable. Each department needs to have policies in place that govern the risk in their department.
Though departments may claim that BCP and Risk Management are outside of their domain, every facet of the organization depends on data on some level. We live in a data driven, technological economy. It seems as if the more data we collect, the more we need and the more technologies evolve to capture, store, and share this data. To ensure that we are adequately prepared let’s keep in mind these suggestions from the report.
When managing IT risks
- Examine and assess the organization’s IT risk capability
- Look for champions among senior leadership
- Determine how to heighten risk awareness at all levels, and within the organizational culture itself
- Look for innovative ways to implement risk mitigation procedures
- Make sure safeguards are in place to help prevent unauthorized access to company data and systems
What is your organization doing to improve it's Risk Management initiative? Do share. Learn how we can help!