Risk-based thinking needs to become a part of every IT investment. Companies are dependent on IT for the execution of core business functions and, as a result, IT failures can cause significant business failures. Because most important corporate information is stored in IT systems, they have become the nexus for new legal and regulatory risks. The process of business process automation can in itself create new strategic risks for companies, calcifying their processes and reducing their ability to react to strategic threats and opportunities. Integrating risk planning into IT can help mitigate these significant operational, legal, and strategic risks.
While IT can create new risks for companies, it can also help mitigate other types of risk and create new opportunities. IT systems can reduce the risk of business process failure, help ensure regulatory compliance, and reduce legal risks. They can even help mitigate strategic business risks. In fact, IT systems can assist in nearly every risk management process adopted by a company by providing automated assistance in the planning, assessment, remediation, and validation for all types of risk. Putting IT systems in place cannot only mitigate risk, but also enable new opportunities for efficiency and strategic advantage.
Source: AMR Research, http://amrresearch.com