Monday, February 19, 2018

We are all Risk Managers!

Image result for IT risk management
<<At Silicon Valley Bank, I actively work on increasing the risk awareness among our global workforce - specifically among those who work in IT. One of the methods I use to reach a large audience is by publishing a quarterly newsletter. Through surveys, we found that our audience prefers short and non-technical pieces.  With that in mind, I wrote the following introductory article about IT risk management. I expect that I will follow up with another article that goes into further details about this topic.>>
We drive slower when it rains. We look both ways when we cross the street. We take medicine when we feel ill.
Risk management is simply a tool that helps us weigh options, consider alternatives and make decisions. The reason why we drive slower when it rains because we know it reduces the odds of us getting into an accident.

Is risk management all about trying to prevent “bad stuff” from happening?

Absolutely not…Risk management also enables us to better evaluate the upside of the options available to us and choose the one that is best in line with our goals.

Ok… But what about IT risk management?

It’s natural to wonder why we should care about IT Risk Management; understanding key concepts could help with that: 

o   IT Risk: Any risk stemming from the use of or exposure to information technology
o   IT Risk Management: Processes and structures to identify, assess, report and address IT risk
o   IT Controls: Activities we perform to mitigate one or more risks

Let’s explore why IT risk management is becoming more important every day.

Nowadays, it’s hard to imagine any company that does not use technology for most of its main processes, transactions and manufacturing. You probably heard the news about the well-publicized hacks, data losses, and system crashes impacting major companies. Evident from these events, inadequate IT Risk Management could result in lost revenues and business opportunities, inefficiencies, fraud/credit losses, damage to the company reputation and lost client relationships.

In IT, we have responsibilities ranging from keeping our technology systems up and running to implementing new systems and processes. We run majority of our technology related processes and controls (patching, backups etc.) ourselves in the background. In addition to these, many of the bank’s processes (reconciliations, dual signatures, authentication to systems etc.) have major dependencies on technology that we support.

To make the best risk-based decisions for our organization, all these activities should follow a certain rigor. Following our established processes and controls helps us effectively manage our risk. In that regard, we all contribute to managing our risk by following our processes, finding issues and addressing them.

The next time when you think about risk, just remember:  You are a risk manager… We all are!


  1. Many think that its justified, despite all the trouble however in light of the fact that they have a superior possibility of getting an advancement or finding work. ExcelR PMP Certification

    1. Great Article Cloud Computing Projects

      Networking Projects

      Final Year Projects for CSE

      JavaScript Training in Chennai

      JavaScript Training in Chennai

      The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training

  2. I’ve been searching for some decent stuff on the subject and haven't had any luck up until this point, You just got a new biggest fan!..
    ExcelR pmp certification

  3. Attend The PMP Training in Bangalore From ExcelR. Practical PMP Training in Bangalore Sessions With Assured Placement Support From Experienced Faculty. ExcelR Offers The PMP Training in Bangalore.
    ExcelR PMP Training in Bangalore
    Data Science Interview Questions

  4. This is my first visit to your blog! We are a team of volunteers and new initiatives in the same niche. Blog gave us useful information to work. You have done an amazing job!
    PMP Certification Training in Bangalore

    1. Thank you so much for the kind words. I am glad you found the content valuable.

  5. It was wondering if I could use this write-up on my other website, I will link it back to your website though.Great Thanks. Governance Risk and compliance

    1. Hi Faizan,

      Thank you for the compliments. As long as you reference and link my site, please feel free to use this on your website.

  6. Cool stuff you have and you keep overhaul every one of usPMP Certification

  7. Awesome. Glad you found it useful.

  8. Thanks for posting the best information and the blog is very science interview questions and answers