Risk Management – The Key to Service Digitization

olagunj2 | December 6, 2017


I recently read somewhere that we send around 205 billion emails across the world every day. Even the self-professed Luddites amongst us have been forced to interact with technology in this age. Digital applications have become irresistibly pervasive.

Businesses are expected to develop and deliver the innovation customers now demand to support their changed behavior. Digitization has spawned a change in consumer behavior based on the improved capabilities of personal devices, many of which are mobile.

The capability of mobile devices has also allowed employees to adopt new work practices, creating a flexibility that was not previously imagined. This has changed the dynamic of the business relationship with organizations from both the customer and staff perspectives.

The digital age has brought a plethora of opportunity for business. New services and new ways of doing business are regularly created. New ways of increasing customer satisfaction are also championed. These practices rightly boost company profits, but also introduce a variety of risks into the business landscape.

Managing the projects that deliver this change is fraught with risk. History is littered with the carcasses of businesses from failed projects. The Black Hat 2017 survey report found 73% of hackers surveyed said traditional perimeter security firewalls and antivirus are irrelevant or obsolete. Every organization is vulnerable. Cyber-security risk is a big threat to the success of modern business. Companies of all sizes are at constant risk of falling victim to disruptive attacks such as phishing, DDoS or ransomware. Furthermore, IT decision makers must find ways to allow their staff to access analytical data securely from any location. The cost of failure in any of these areas (change management, cyber-attacks or loss of data) can run into the millions and can wipe out companies that fail to take proper care.

As if that wasn’t enough, there’s still the personal element. The loss and in some instances the abuse of personally identifiable information (PII) has created the need for far-reaching compliance regulations. GDPR is an example: the regulation gives the option to punish businesses with crippling fines for failing to secure their systems and data appropriately.

The risks are real, the costs are significant and the likelihood is high; businesses need to have an effective response available. Clearly, the transition to a digital operating model requires effective and efficient risk management. Fortunately, ISACA has provided some guidance for this. As with project management, it’s about successfully adapting that guidance to the specific environment or circumstances.

ISACA is an independent, non-profit, global association, which provides industry-leading knowledge and practices for information systems. ISACA uses CRISC (Certified in Risk and Information Systems Control) to set the standards and practices for IT and business professionals who develop and maintain information system controls. The method also provides guidance for security operations and compliance procedures.

The goal of risk management is to reduce risk through mitigation techniques. Despite the best mitigation strategies and implementations, risks cannot be completely eliminated. The risks left within the organization after all mitigations are known as residual risk. The aim of risk management is to keep residual risk within the risk tolerance set by the management of the organization. Management makes sure the risk aligns with the overall business objectives, so that it is within the tolerance agreed in the organization.

If management doesn’t have the capability or capacity for risk management, it needs to get resources that will provide:

  1. Firm understanding of the impact of IT and Enterprise risk and how those affect the organization.
  2. Effective plans and implementation strategies to mitigate risk.
  3. Objectively driven risk-based decisions.
  4. The knowledge to set a baseline for risk management within the organization.

It’s only when we are comfortable that the risks from a digital transformation journey are within our set tolerances that we can envisage a successful conclusion to digitization.
