Beating IT Risks
May 2005, ©2005
1 Thriving on risk.
Complications and deficiencies.
The cure for your IT risk headache.
2 IT governance framework.
Different approaches to governance.
Building a framework for your organization.
Design and implementation issues.
Case study: Aventis.
3 IT risk portfolio.
Introducing the IT risk portfolio.
Implementing an IT risk management capability.
Case study: European fleet management services provider.
The impact of project failure.
Organizational, program and project views of risk.
Understanding IT project risk factors.
Alternative philosophies for delivery assurance.
Identifying, reporting and managing project risks.
Case study: Agility.
5 IT services.
IT service failures that impact your business.
Planning and preparation.
Implementing IT service continuity.
Case study: Police service.
6 Information assets.
Accessing your information assets.
The impacts of information asset exploitation.
The impacts of degraded information assets.
The dimensions of security.
Implementing information asset management.
Case study: Investment management.
7 IT service providers and vendors.
The dimensions of service provider failure.
The dimensions of vendor failure.
Managing service provider risk.
Managing multiple IT service providers.
New and emerging risks in IT service provision.
Case study: Financial services.
The impacts of IT application failure on your business.
The evolution of IT application risk.
IT application risk profiles.
Software assets and liabilities.
The lifecycle approach to managing risks.
Case study: Leading water company.
How IT infrastructure failure impacts your business.
IT infrastructure’s evolving risks.
Moving towards ‘set and forget’.
De-risking infrastructure transformation.
Case study: GCHQ.
10 Strategic and emergent.
The impact of IT failing to support the execution of your business strategy.
Driving shareholder value through IT-enabled business change.
The influence of your IT capability on business capability.
Case study: Egg.
11 IT and other enterprise risks.
Relating the IT risk portfolio to other types of enterprise risk.
Supporting risk-based management with IT.
The dependence of IT risk management on broader enterprise competencies.
Appendix 1: Review checklists.
Luke Silcock consults extensively on all aspects of IT management for PA Consulting Group and its numerous major international clients. Since graduating from the University of New South Wales in 1992 he has maintained a keen focus on the practical aspects of IT strategy and implementation in his work with IT managers and business leaders.
- A unique guide to risk in IT projects, that sits above more specialist titles to offer a ‘helicopter view’ of the whole topic and an integrated approach to solutions
- Draws on real-world, global PA Consulting Group case studies along with examples from the authors own direct experience in managing IT risk
- Sits at the intersection of three key topics – corporate governance, risk management and IT management – and brings together aspects of each