IT Governance, Risk, and Compliance

Jul 6 2010   6:10PM GMT

Not-for-profit Risk Management – Part II

Robert Davis Robert Davis Profile: Robert Davis

By definition, strategy is the skill in managing or planning an approach to achieving an end. It is crucial to accomplishing an entity’s long range plans. Strategy is concerned with controlling the entity’s destiny and achieving stated goals; while planning is a formalized procedure to produce an articulated expected outcome, in the form of an integrated system of decisions. However, as with most decisions there are risks. IT strategic risk is the current and prospective affect on value delivery arising from adverse decisions, improper deployment decisions, or lack of responsiveness to environment changes; whereas IT planning risk is the current and prospective affect on the control environment arising from incorrect identification, improper design decisions, or lack of reliable information. Thus, the prerequisite to sustaining a holistic strategy is adequate risk management planning.

View Part I of the Not-for-profit Risk Management series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: