Project Management OfficeRisk Management

Risk Optimization to Get IT Governance Visibility

Information technology governance and risk management have operational collaboration. Both can mitigate risks within organizations together. Nonetheless, many people suggest that the governance of enterprise IT (GEIT) is critical for business growth. Do you think GEIT is enough to execute and maintain governance visibility? In this article at ISACA, Guy Pearce explains poor management’s ramifications and how it may be detrimental for an organization.

Learn from an Instance

The UK financial services regulator has penalized the Royal Bank of Scotland (RBS) with US$9.7 million for poor governance practices. Long-term shareholders have suffered a loss of more than 95 percent of their overall investment. It happened due to a failure of corporate governance on numerous fronts.

Where is the Gap?

Optimization of IT risks is one of the prime reasons for GEIT execution in businesses. The board members and employees are responsible for IT governance and risk management. Creating a compliance culture is imperative to encourage qualitative and quantitative assessments. Its failure directly impacts risk management.

Given the intricacies of institutionalized transformation, the critical driving forces encouraging undesirable behavior are:

  • Limited understanding of the client’s demand
  • Leadership behavior to influence staff
  • Exceptional talent acquisition yet selection of limited skilled employees
  • Reinforcing a formal mechanism to build business infrastructure, processes, and technologies to support business transformation

The success of GEIT depends on your risk management strategy. However, overlooking critical success factors (CSF) of culture might also turn ineffective. Take RBS as an example to understand how IT governance failure happened due to vulnerabilities in user engagement. Proactive incorporating culture is the by-product of GEIT and is necessary for the success of enterprise IT governance. Thus, develop a strong grasp over the risk, regulation, and compliance needs and maintain visibility for effective governance.

Click on the following link to read the original article: https://www.isaca.org/resources/isaca-journal/issues/2019/volume-3/the-sheer-gravity-of-underestimating-culture-as-an-it-governance-risk

Show More
Back to top button
X

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.