Enterprise Risk Management: The Art of Avoiding Unpleasant Surprises

By Aberdeen Group

Report Description: The two fundamental purposes of this report are first, to identify the strategies, high-level tactics, internal capabilities and frameworks, technologies, and services that top performing companies are employing to realize substantial business benefits from their Enterprise Risk Management (ERM) programs. Secondly, to provide a roadmap of actionable analysis and recommendations that both companies planning to develop an ERM program for the first time, and companies seeking to augment and optimize an existing initiative can leverage to improve their performance in assessing and managing risks strategically across the enterprise.

Top Business/Technology Issues Survey Results

by ISACA

In May 2008, ISACA conducted a survey of members, managers and above to identify current business issues, supported by technology. Responses were classified by industry, geographic area and constituency (assurance, IT management and security management). This report summarizes the findings of the survey and provides a concise view of the most prevalent current business/technology issues. Read More

IT Governance in Practice
Advisory and Tax

by PWC

Insight from leading CIOsPricewaterhouseCoopers has interviewed a number of CIOs worldwide to obtain their views on IT Governance,
their experience in implementing IT Governance, and what it takes to make IT Governance work. Read More

Best Practices: Implementing A Governance, Risk, And Compliance Program

By Chris McClean, Forrester

Software applications for managing governance, risk, and compliance (GRC) continue to mature with impressive features and functions. Even more impressive are the organizational and strategic advancements companies are making by closely linking these three traditionally distinct functions; benefits include reduced risk exposure, lower audit costs, better overall compliance, and more informed decision-making. To identify the best practices for implementing a GRC program and realizing these benefits, Forrester interviewed 21 professionals who have demonstrated success in this area and 23 software vendors that market GRC products. To replicate similar success in your GRC program, you will need to focus on selling GRC value, practicing good GRC project management, and embedding GRC into corporate culture. To obtain a complimentary copy of this report, click here.

Key Issues for Information Archiving and Retention,2007

Kenneth Chin, Carolyn DiCenzo. Gartner

Well managed information archives are crucial as organizations strive to meet new compliance and discovery requirements. Gartner identifies five key issues for consideration during 2007 for information archiving and retention management technologies. Read More

Data Governance in the Software Lifecycle
Assuring the security of sensitive information

First published: May 2008

by Martin Atherton, Jon Collins and Dale Vile. FREEFORM DYNAMICS

Many organisations have been driving improvements in information management to gain better control over their information assets. While things in this area are not perfect, awareness of the challenges is now high and action is being taken to enhance capability in the areas of compliance, discovery and, not least, data security. But are all the bases adequately covered? Read More

The Risk Intelligent CIO: Becoming a Front-Line IT Leader in a Risky World

By Lee Dittmar
Principle, Deloitte Consulting LLP

Issue No. 6 in the Risk Intelligence Series

The responsibilities facing today's chief information officer (CIO) are more demanding than ever, and CIOs are increasingly aware that informaton technology (IT)-related problems can come at a staggering cost to their organization's bottom line and reputation. Perceptive CIOs realize that simply managing technology risks - however effectively they do so - is insufficient. They understand the imperative to exploit technology to manage risk across the entire enterprise, not merely within the IT department.

With heightened sensitivities around the issue of risk management, CIOs and IT professionals face both challenges and opportunities to attain a higher level of risk management, operational excellence and competitive advantage.

The sixth title in our series on risk intelligence provides IT executives with practical guidance on how to leverage technology to intelligently manage the risks they face across the enterprise.

To view the entire paper, click here.

Coming to grips with IT risk

A report from the Economist Intelligence Unit sponsored by SAP

What is the greatest risk to any large business? Most executives would say it is information technology (IT) failure. Companies fear IT collapse more than they do terrorism, natural disasters, financial risk or regulatory constraints-and with good reason, for IT failure can make any business go into a tailspin. Read More