You've seen the story repeated in period books and movies many times: the hardworking
small business owner (shopkeeper, farmer, smithy, tailor) working to make a living
for the family in the face of adversity. Whether facing a frontier, adverse climate,
difficult economic times or that big, bad new mega competitor, they seek opportunity
amidst adversity.
They seek return while managing risk. For the small business, risk is often
more dramatic and apparent than for the large business, making better stories. Yes,
even cartoon characters struggle in the face of threats to their objectives.
So why is it so difficult for risk managers to carry this message home to larger
organizations? Why is it so difficult for IT & physical infrastructure risk
managers to carry this point, even in organizations where risk management is
otherwise of great concern? While the exact answers are often organization-specific,
some common causes apply across organizations.
It can often help to consider the questions in your organization in two lights:
- What "risk" means and how it is used.
- How well your approach to IT risk management is balanced.
Risk and Risk Management
Organizations can get tripped up when they don't have a clear view of what
"risk" means. For some, a "risk" is the same as a threat,
a potential event or incident that can happen -- an accidental cable cut. For
others, "risk" is an impact -- the events that unfold if a threat actually
happens against a specific asset or assets. For example, the cut of a communications
cable for a customer contact center can reduce, delay or eliminate the ability
to process transactions. Others will evaluate this in terms of outcomes -- loss
of revenue or customer satisfaction, or increased cost. Still others might put
"risk" in consequence terms of reputation loss or regulatory penalties.
Yet, classically, risk is pretty simple math -- the likelihood that something
will occur multiplied by the impact if it occurs. For example, a person's potential
blood pressure, price of a stock, or a little shop running out of milk to sell.
Second, we can think of at least two ways to evaluate and act on risk.