PFPC: Building an IT Risk Management Competency
Author(s)
Westerman, George; Walpole, Robert
Download4549-05.pdf (319.9Kb)
Metadata
Show full item recordAbstract
IT Risk management is becoming increasingly important for CIOs and their executive counterparts. Educators and managers have materials they can use to discuss specific IT risks in project management, security and other risk-related topics, but they have few resources they can use to have a holistic discussion of enterprise-level IT risk management. This case is intended to address the gap. It describes the IT risks facing a large financial services firm, PFPC, as a result of rapid growth, a large merger and distributed management of the IT function. The firm’s first enterprise-wide CIO, Martin Deere used risk management as a key pillar in a major revamp of the firm's applications and IT capabilities. The case is rich in detail on the firm's IT risks, the new risk management process, including examples of the firm's risk management tools. It also describes early lessons and outcomes in the implementation of risk management capabilities. The case has enough richness and potential controversy to engage students from the undergraduate through executive levels in an informative and interesting discussion of IT risk management.
Date issued
2005-07-29Series/Report no.
MIT Sloan School of Management Working Paper4549-05CISR Working Paper352
Keywords
IT risk management, IT governance, IT architecture, IT transformation