The 20th century was the era of a preoccupation with management. There were a lot of management theories, management consultants and even management gurus. However, the primary focus for the 21st century will be corporate governance. Corporate governance is about the way power is exercised over corporate entities which all have to be governed. They all need a governing body. In the case of companies the governing bodies are the boards of directors. Corporate governance covers the activities of the boards and their relationships with the shareholders or members, and also with company’s managers, external auditors, regulators, and other legitimate stakeholders.
This first article introduces a planned series of articles. It also discusses the impact of change on risk levels with some examples. The objective of this series of articles is to introduce broad categories of IT Operational Risk. After the first introductory article the series will select risk categories, or specific risks, or processes and techniques which identify, report or manage identified risk.
The Impact of Change One of the greatest generators of risk is the implementation of changes to the IT environment. Larger IT organisations can implement many thousands of changes every year. Some changes have greater elements of risk than other changes. The impact of reducing the levels of change can have a significant impact on reducing the number of significant IT incidents.
Read more: An Introduction to the Identification and Evaluation of IT Operational Risk
Could IT failures be limited or avoided? In plain English, risk is defined as ‘possibility of loss or injury’ (Merriam-Webster’s Online Dictionary.) Therefore, managing uncertainty by predicting, preventing and responding to the unwanted and detrimental situation – failures should be the essence of IT risk management. However, there is no unique and formal definition of IT risk that is accepted across the IT industry.
In this series of short articles, I intend to elaborate on the nature of information technology (IT) risk, starting by explaining factors that generate uncertainty in IT endeavors, for which generations of scientists, engineers, professionals, and enthusiasts have been trying to find ways to plan and predict the outcomes.
Read more: What generates uncertainty of IT endeavors? Inadequate communication is one factor