Enterprise Risk Management In IT

Risks are an inherent part of any project and will always be a part of the organizations
life.  There are many kinds of risks like fire, natural calamities, the economy, production
and many more are being discovered as the world goes into globalization and as
technology advances.  With IT management, risk is even more pronounced because of the
complexities of its advancement.  Independently handling the different risks used to be
the norm of the IT department.  But today, pulling all these risks together has now
become the main objective of enterprise IT management.

Traditionally, various risks had its own type of risk management. The IT department had
to handle downtime risks, service delivery, resource allocation, and many other kinds of
risk.  But as the risks got more and more complicated, organizations have now realized
the importance of identifying and more importantly, pulling similar risks together instead
of treating them individually.  The management of IT risks in the enterprise level through
identifying enterprise-wide risks is the current trend of many organizations.

Risk should be treated as any event or situation that can hinder the organization from
attaining its goals and business objectives.  Enterprise risk management has identified
risks as strategic, operational, financial, and hazard and any or a combination of these
four can significantly deter the IT management in completing its project.  But pulling
risks together and handling them from the top down, risk management can be handled
easily through proper studying of all potential risks–from the ones most likely to happen
to those that are unlikely to happen–every risk should be treated as a potential.