Developing a Common Language About IT Risk Management

Westerman, George; Hunter, Richard

Author(s)

Westerman, George; Hunter, Richard

DownloadCommon Language WestermanHunter2.pdf (314.0Kb)

Terms of use

An error occurred on the license name. An error occurred getting the license - uri.

Metadata

Show full item record

Abstract

Although IT risks can have wide-ranging business consequences, few executives feel comfortable discussing IT risk management. It doesn’t have to be this way. Executive-level tradeoffs around IT risk are managerial, not technical. The Four A Framework of Availability, Access, Accuracy, and Agility risks provides a common language that business and IT managers can use to manage IT risks without getting bogged down in technical complexity. Then you can build a risk management capability—by improving the IT foundation, installing a risk governance process, and creating a risk aware culture—that increases the returns from your IT risk management investments.

Date issued

2009-06-01

URI

http://hdl.handle.net/1721.1/68557

Publisher

Alfred P. Sloan School of Management, Massachusetts Institute of Technology; Cambridge, MA

Series/Report no.

MIT Sloan School of Management Working Paper;4933-11CISR Working Paper;377

Keywords

IT risk, Non-IT executive viewpoint, IT governance, alignment, oversight, risk aware culture, architecture, business continuity, security, agility, regulatory compliance, privacy

Collections

Sloan Working Papers

The following license files are associated with this item:

Creative Commons