IT for many organizations represents risky endeavours, from the strategic risk of deciding on applications, to the project and implementation risk involved in making it happen. Beating IT Risks aims to assist all stakeholders in organizational information technology meet the significant challenges IT presents.
"Beating IT Risks is an extraordinary book that brings many diverse issues clearly before its readers, irrespective of their backgrounds. It is one of the most important, realistic and practical books on this subject ever written particularly for IT managers ... I hope you will read it carefully and pay careful heed to its recommendations which if diligently pursued can save us all a lot of grief."
Peter G. Neumann, Palo Alto, California, USA, Principal Scientist, SRI International′s Computer Science Laboratory and Moderator of the ACM Risks Forum
1 Thriving on risk.
Complications and deficiencies.
The cure for your IT risk headache.
2 IT governance framework.
Different approaches to governance.
Building a framework for your organization.
Design and implementation issues.
Case study: Aventis.
3 IT risk portfolio.
Introducing the IT risk portfolio.
Implementing an IT risk management capability.
Case study: European fleet management services provider.
The impact of project failure.
Organizational, program and project views of risk.
Understanding IT project risk factors.
Alternative philosophies for delivery assurance.
Identifying, reporting and managing project risks.
Case study: Agility.
5 IT services.
IT service failures that impact your business.
Planning and preparation.
Implementing IT service continuity.
Case study: Police service.
6 Information assets.
Accessing your information assets.
The impacts of information asset exploitation.
The impacts of degraded information assets.
The dimensions of security.
Implementing information asset management.
Case study: Investment management.
7 IT service providers and vendors.
The dimensions of service provider failure.
The dimensions of vendor failure.
Managing service provider risk.
Managing multiple IT service providers.
New and emerging risks in IT service provision.
Case study: Financial services.
The impacts of IT application failure on your business.
The evolution of IT application risk.
IT application risk profiles.
Software assets and liabilities.
The lifecycle approach to managing risks.
Case study: Leading water company.
How IT infrastructure failure impacts your business.
IT infrastructure s evolving risks.
Moving towards set and forget .
De–risking infrastructure transformation.
Case study: GCHQ.
10 Strategic and emergent.
The impact of IT failing to support the execution of your business strategy.
Driving shareholder value through IT–enabled business change.
The influence of your IT capability on business capability.
Case study: Egg.
11 IT and other enterprise risks.
Relating the IT risk portfolio to other types of enterprise risk.
Supporting risk–based management with IT.
The dependence of IT risk management on broader enterprise competencies.
Appendix 1: Review checklists.