Although IT risks can have wide-ranging business consequences, few executives feel comfortable discussing IT risk management. It doesn’t have to be this way. Executive-level tradeoffs around IT risk are managerial, not technical. The Four A Framework of Availability, Access, Accuracy, and Agility risks provides a common language that business and IT managers can use to manage IT risks without getting bogged down in technical complexity. Then you can build a risk management capability—by improving the IT foundation, installing a risk governance process, and creating a risk aware culture—that increases the returns from your IT risk management investments.