IT Focus Area: Security
May 20, 2015
Program Governance: Are You Organized for Success?
Far too many enterprises are building a house of cards by insisting that Information Technology (IT) alone should manage IT-related risks. As competitive pressures consistently push the organization to “do more with less”, the disproportional investment in people and processes that are expected to support change and transformation often increases IT-related risks present in the organization.
To truly improve this situation, changes to the organizational structure itself are likely needed to ensure that resources are available that can identify, articulate and manage IT-related risks throughout the organization.
The need for enterprise risk management principles is not a new concept and is well documented. However, there is not much prescriptive guidance as to exactly how risk management should be integrated into IT functions, making it extremely difficult for teams that are already stretched beyond capacity to find the time to develop and execute a strategy that will clearly extend well beyond just IT.
View the on-demand recording to explore:
- How organizational structure affects IT risk management.
- What the target state should look like.
- Why enterprise standards are the cornerstone of risk management.
- Best practices for managing compliance and ongoing risk.
- How metrics are an ideal vehicle to communicate the need for action.
Check out the slides from the Meet the Experts web event,
or listen to the on-demand recording below.