BOULDER, Colo., Sept. 4 (UPI) -- Colorado-based Enterprise Management Associates has released a study that calls for a strategic risk management program for information technology.
EMA explored in the study, "Governance, Risk, Compliance and Beyond: The Emergence of Strategic IT Risk Management," the convergence of IT domains ranging from performance, availability and security controls among other items are needed to align business goals with IT by developing a comprehensive operational risk management strategy. Officials say tying these initiatives into a more unified and integrated program could help organizations achieve business objectives.
"Today's enterprise faces a daunting range of IT risks -- from security, business malfeasance and insider threats to business-critical IT service availability, performance and integrity issues," said Scott Crawford, research director at EMA, in a statement. "Regulatory requirements intended to curb these risks have also driven the pursuit of more effective IT governance.
"IT risk management has become the lynchpin of all these demands. Putting a strategic IT risk management program into place can provide substantial benefits for the enterprise, not only in controlling threats to critical IT services, but also in giving the business a stronger competitive edge through more effective technology discipline."
Crawford led the study and found that risk management concepts require a unified solution for effective IT governance.
"The concept of a 'strategic' approach brings coherence to the enterprise," said Crawford. "IT risk management is no longer limited to one technology or meant to meet a single regulatory mandate. It seeks to unify and integrate siloed approaches to managing security, business, technology and trust risks -- aligning them with strategic business objectives to enable the enterprise to consistently manage and measure their control."
