- 12 myths about how the Internet works
- Smartphone smackdown: Storm vs. iPhone
- IETF: Should we ignore the Kaminsky bug?
- Top 10 wicked cool algorithms
- How to recession-proof yourself
Amy Schurr dispenses advice on managing human and capital assets for maximum ROI.
When your organization talks about risk management, what does it mean? According to Gartner, many enterprises are inconsistent in the use and application of the term. So it's no surprise that risk management often ends up siloed into separate functional areas such as business continuity, security, management and privacy.
Gartner’s recent report, "A Risk Hierarchy for Enterprise and IT Risk Managers," emphasizes the need for a holistic view of risk. "An enterprise that wishes to better understand and manage the risks to which it is exposed should begin with enterprise-specific risk definitions and an organizational risk hierarchy to which all risk-related specialists can align," says Paul Proctor, vice president and distinguished analyst at the IT research firm. "Although no single definition will work for all enterprises, it is important to start from a common, overarching framework to eliminate overlap, avoid gaps in coverage and ensure good governance."
In order to make risk management more effective in your IT organization, Gartner offers 7 steps:
1. Implement a framework for risk assessment and mapping.
2. Outline the responsibilities of risk managers with their respective domains.
3. Identify and define the risks to which the business is exposed and how to map incidents.
4. Determine the threat level and focus on the risk that have the greatest potential to affect enterprise performance.
5. Establish levels of controls for processes commensurate with the perceived threat.
6. Record and retain risk incident and near-miss information.
7. Conduct periodic risk assessments to determine changes in your company’s risk profile and assess performance.
Amy Schurr is the former managing features editor of Network World.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
NetScout and analyst Jim Metzler have teamed to deliver a series of IT Briefs on Network and Application Performance Management leveraging research from NetScout’s nGenius & Sniffer users.
www.netscout.com
Metzler on CIO Priorities
The top five CIO priorities based on a survey of NetScout users revealing CIOs' top priorities and what they think they should be. Also includes interviews with CIOs of large organizations.
Read the Report
Metzler on Application Delivery
How to eliminate the stovepiped or siloed nature of application delivery from both an organization and a technological perspective.
Read the Brief
Metzler on Network Troubleshooting
Overview of network troubleshooting that provides an assessment of where we are, and where we need to be relative to the complexities of today's IT challenges.
Read the Brief
Comment