Risk Management: Are You Ready to Manage Your Risks? (Six Questions Every Business Should Ask)
In the final article in the series on IT Governance, we focus on organisations' approach to Risk and Risk Management.
Enterprise Risk Management is a fundamental responsibility of governance. The creation of a set of methods and processes used by an organisation to manage risk and to take advantage of opportunities related to business goals is part of the supporting framework.
There are many different frameworks available, including Sarbanes-Oxley, Basel II and COSO. These are heavyweight frameworks employed by large organisations that work in highly regulated industries such as Finance, Pharmaceuticals and Manufacturing, meaning it is difficult for SMEs to adopt such frameworks.
However, it is still the board's responsibility and duty to identify and manage enterprise risk, whatever the size of the organisation. The UK's revised Combined Code makes it explicit that all directors are required to 'provide entrepreneurial leadership of the company within a framework of prudent and effective controls which enable risk to be assessed and managed'... meaning the leadership needs to balance risk with opportunity.
Over time, as organisations have become increasingly dependent on Information Technology and Intellectual Capital assets, IT Risk Management has become a significant topic of discussion. In particular, the focus has been on infrastructure security, data protection, business continuity and IT management. With the advent of the revised standards ISO27001, 22301 and 9001, which are built around a risk-based approach, organisations can implement controls prioritised by and proportionate to the business and information risks they identify.
Adoption of a suitable methodology or framework will be a business decision based on a number of questions that need to be answered, before committing the organisation to a programme of work which could be costly in terms of effort and expenditure.
So if you've always believed that Risk Management was 'for big business', it may be time to reassess. Download our useful guide, Are You Ready for Risk Management - A Simple Guide, to assess whether you are ready for the challenge.
It asks a few simple questions and will enable you to make the right decision for you and your business.