|
IT Risk Management
Planning Cost-effective Mitigation of Risks to IT Services
Published December 2008
|
|
|
Introduction |
In any organisation large enough to deploy IT solutions, IT systems deliver substantial value through the automation of repetitive tasks; the synchronisation of interactions with customers, suppliers, and partners; the management of high-value and sensitive information and the delivery and analysis of this information on behalf of users; and increasingly the automation and optimisation of end-to-end processes and the enforcement of business and statutory policies. For each of these benefits, IT professionals have to be ready to answer the inevitable question: “What happens when it goes
wrong?”.
IT systems are fallible: they can fail for different causes and in many different ways. Sometimes a failure will be immediately obvious to the organisation, and the business might start to suffer considerable financial loss straight away. In other circumstances a failure might be insidious, causing cumulative damage that might go unnoticed for a considerable period. However, other failures, although apparent, might be relatively trivial in their impact and would not justify the cost of a high-technology fix.
|
|
|
|
|
|
 |
