This approach allows companies to monitor critical risk interdependencies and make smarter decisions about which risks or opportunities to take versus those that are dangerous risks and to be avoided. This is also known as enterprise risk management (ERM). As part of this initiative, companies aim to underpin their risk efforts with a common set of processes, tools and applications that can support the business.
ERM is an approach rather than an off-the-shelf product
ERM aims to align strategy, people, processes and technology. While technology plays a key role in supporting ERM, it is not an off-the-shelf product. Fundamentally, it is a process framework enabled by IT tools and applications that looks to ensure all risks are identified, managed and mitigated across the entire business. ERM technologies including data integration, analytics and BI support this process by supporting d ata collection and storage, risk analysis and modelling, risk monitoring and risk reporting.
The need to measure, monitor and report on key performance indicators means ERM has a close affinity with enterprise performance management (EPM). As a result we expect to see an increasing emphasis from companies on aggregating and reporting on risk management data, and greater synergies between performance and risk metrics that monitor and measure the impact of risk taking in relation to company strategy and individual performance targets. However, the task of assimilating a metric that can measure, predict and anticipate the impact of risk on the corporate strategy should not be underestimated. Thats because not all risk is bad, and any company will invariably have to live with risk. The question is, how much risk is a business willing to take on board? Unfortunately theres no business manual written for that as yet.
Helena Schwenk is a Senior Analyst within Ovum's Technology Group
Sign up for Computerworld eNewsletters.