Analysis of Information Technology Management: Value and Risks
VerifiedAdded on 2020/02/19
|18
|4749
|52
Report
AI Summary
This report delves into the intricacies of Information Technology (IT) Management, exploring its multifaceted value and inherent risks. It begins by defining IT and its impact, emphasizing its integral role in modern business operations. The report highlights the significant business value of IT, examining how it enhances efficiency, communication, and data management. It then pivots to address the risks associated with IT, including assessment, mitigation, and evaluation strategies. The value chain in IT is discussed, underscoring its strategic importance in achieving competitive advantages. The report concludes by summarizing the importance of IT management in business and the need for effective risk management. This report provides a comprehensive overview of the key aspects of IT management, making it a valuable resource for students seeking to understand the practical applications and strategic implications of IT in business.
Running head: MANAGEMENT OF INFORMATION TECHNOLOGY
MANAGEMENT OF INFORMATION TECHNOLOGY
Name of the Student
Name of the University
Author Note
MANAGEMENT OF INFORMATION TECHNOLOGY
Name of the Student
Name of the University
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
2MANAGEMENT OF INFORMATION TECHNOLOLY
Table of Contents
Introduction................................................................................................................................3
Impact of Information technology.............................................................................................3
Information technology and its value.........................................................................................4
The Business value of IT............................................................................................................6
Risk in IT....................................................................................................................................8
Origin of value chain in IT.........................................................................................................9
Risk analysis...............................................................................................................................9
Use of risk analysis..................................................................................................................11
Management of risk analysis................................................................................................11
Mitigation of risk..................................................................................................................12
Risk mitigation Planning......................................................................................................13
Risk Buffering......................................................................................................................13
Risk control..............................................................................................................................14
Conclusion................................................................................................................................14
References................................................................................................................................16
Table of Contents
Introduction................................................................................................................................3
Impact of Information technology.............................................................................................3
Information technology and its value.........................................................................................4
The Business value of IT............................................................................................................6
Risk in IT....................................................................................................................................8
Origin of value chain in IT.........................................................................................................9
Risk analysis...............................................................................................................................9
Use of risk analysis..................................................................................................................11
Management of risk analysis................................................................................................11
Mitigation of risk..................................................................................................................12
Risk mitigation Planning......................................................................................................13
Risk Buffering......................................................................................................................13
Risk control..............................................................................................................................14
Conclusion................................................................................................................................14
References................................................................................................................................16
3MANAGEMENT OF INFORMATION TECHNOLOLY
Introduction
Information technology can be considered as a term which can be used in any field
related to the mere concept of technology. Information technology helps this field to expertise
with its unique aspects and involvement. Information technology are used by many
organisation to introduce various source of activity (Skees 2016). The value term can be
directly related to then improvement of the business when IT is related to an organisation.
The value criteria directly involves delivering of a standard service to a client. The client
always expect the deli ery of the standard of the service which they expect to achieve and in
return they tend to level up the request which they desire to achieve (Meyer and Reniers
2016).
The risk associated with any technology can be a dominating part or play a
dominating role in any aspect. Every organisation tend to involve their aspects into the
information technology in order to gain advantage from the technology. Putting emphasis on
the information technology it also can be related to some of the risk factors.
The main aim of the report is to put limelight of the value of the information
technology and the risk associated with the technology. The main focus of the report would
be to point out the various aspects of information technology. The main motive of the
information technology is providing a platform in which its advantages can be applied and
overall gain can be achieved, this can be achieved by the value chain management and the
control of the risk factor which are associated with the implementation of the technology
Impact of Information technology
The impact of the information technology can be varied. The implementation of the
information technology are used by many organisation to improve their business standard and
improve their service. The term information technology (IT) is mainly composed of four
Introduction
Information technology can be considered as a term which can be used in any field
related to the mere concept of technology. Information technology helps this field to expertise
with its unique aspects and involvement. Information technology are used by many
organisation to introduce various source of activity (Skees 2016). The value term can be
directly related to then improvement of the business when IT is related to an organisation.
The value criteria directly involves delivering of a standard service to a client. The client
always expect the deli ery of the standard of the service which they expect to achieve and in
return they tend to level up the request which they desire to achieve (Meyer and Reniers
2016).
The risk associated with any technology can be a dominating part or play a
dominating role in any aspect. Every organisation tend to involve their aspects into the
information technology in order to gain advantage from the technology. Putting emphasis on
the information technology it also can be related to some of the risk factors.
The main aim of the report is to put limelight of the value of the information
technology and the risk associated with the technology. The main focus of the report would
be to point out the various aspects of information technology. The main motive of the
information technology is providing a platform in which its advantages can be applied and
overall gain can be achieved, this can be achieved by the value chain management and the
control of the risk factor which are associated with the implementation of the technology
Impact of Information technology
The impact of the information technology can be varied. The implementation of the
information technology are used by many organisation to improve their business standard and
improve their service. The term information technology (IT) is mainly composed of four
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
4MANAGEMENT OF INFORMATION TECHNOLOLY
distinct parts which mainly comprise of an organisation, information in an organisation, and
information technology and information system in an organisation.
Information technology and its value
Information technology can be considered as one of the most integrated and vital parts
in the everyday business plan and activity (Skees 2016). The information technology play a
role in every sphere of business from small organisation who run their business through
single computer system to multinational company who maintain system of mainframe in
order to conduct their business. The best way to get a hint of how information technology
plays its dominating power is by looking into the different field it occupies its position. The
field it mainly focuses are communication, data management, inventory control, management
information system and customer relation management.
Information technology in many firms are changing the overall concept of the
technology from cost centre orientation to trusted business partners within the frame work of
the business. The main intention behind the transform is the give the business the much
needed tools to be competitive in market place which is global. Before the transform the
information technology was considered as a cost centre. The IT had to mainly focusing on the
technology alone as a standalone aspect. The IT department of the different companies did
not focus on the mere concepts of the weakness, strengths, opportunity and threads.
Information technology when related to the cost factor or centre, it has been providing
services when are concentric to emails, business application access and data storage. All of
these bridges have been mainly outsourced to different vendors which is mainly done on the
basis of cost and with respect to the level of service. From the point of view of the business,
if the IT cannot provide the expected service which is the need than the outsourcing can be
considered as a reasonable approach (Hopkin 2017). When it comes to value, IT can
collaborate with the business bodies to provide the demand of the service they opted from it.
distinct parts which mainly comprise of an organisation, information in an organisation, and
information technology and information system in an organisation.
Information technology and its value
Information technology can be considered as one of the most integrated and vital parts
in the everyday business plan and activity (Skees 2016). The information technology play a
role in every sphere of business from small organisation who run their business through
single computer system to multinational company who maintain system of mainframe in
order to conduct their business. The best way to get a hint of how information technology
plays its dominating power is by looking into the different field it occupies its position. The
field it mainly focuses are communication, data management, inventory control, management
information system and customer relation management.
Information technology in many firms are changing the overall concept of the
technology from cost centre orientation to trusted business partners within the frame work of
the business. The main intention behind the transform is the give the business the much
needed tools to be competitive in market place which is global. Before the transform the
information technology was considered as a cost centre. The IT had to mainly focusing on the
technology alone as a standalone aspect. The IT department of the different companies did
not focus on the mere concepts of the weakness, strengths, opportunity and threads.
Information technology when related to the cost factor or centre, it has been providing
services when are concentric to emails, business application access and data storage. All of
these bridges have been mainly outsourced to different vendors which is mainly done on the
basis of cost and with respect to the level of service. From the point of view of the business,
if the IT cannot provide the expected service which is the need than the outsourcing can be
considered as a reasonable approach (Hopkin 2017). When it comes to value, IT can
collaborate with the business bodies to provide the demand of the service they opted from it.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
5MANAGEMENT OF INFORMATION TECHNOLOLY
The IT department has mainly focused on the advantage which it can provide on the point of
view of the better understanding and share in the vision of the business. Putting emphasis on
the understanding the IT department should be able to provide a list of better services which
the business farm would find critical to achieve.
The information technology department has directed recognized the need of quality
towards the service they provide. This quality aspect can be measured by means of service
desk ticket, up time and other objectives that can be considered as very much vital from the
point of view of any organisation. The IT is slowly moving towards adapting the need of the
business bodies. It can be seen before such a move the IT department, vendors with the IT
service providers with the IT equipment and /or the services. This was mainly imposed on the
automotive to the machinery industry (Gordon et al. 2016). Reliability can be sold quite
easily than selling features. The quality of any product or service can be neglected in many
ways one of the major reason of doing so is the deadline issue of the concerned good (Hopkin
2017). The need of delivering a product or service before the deadline can be sometimes very
much challenging on the point of the originator. However the most important point to be
considered here that the bad quality of the service has nearly come to an end. Putting
emphasis on the part of the service gainer they have somewhat understood the concept that
the lower productivity would directly involve in a lower productivity. Each and every
business needs a system that they can easily rely upon. Each and every hour of down time
would be directly reflected on the part of the lost workers’ productivity and also would
hamper the customer and the service gainer aspect (Almeida, Hankins and Williams 2016).
Depending upon the size of the business concern the loss of the customer would directly be a
huge loss from the point of the organisation. In simple words time would result in a lose
customer moral and the lost customer would not again intent to get the service from the
organisation concerned here. Customer satisfaction could be a vital term here because in any
The IT department has mainly focused on the advantage which it can provide on the point of
view of the better understanding and share in the vision of the business. Putting emphasis on
the understanding the IT department should be able to provide a list of better services which
the business farm would find critical to achieve.
The information technology department has directed recognized the need of quality
towards the service they provide. This quality aspect can be measured by means of service
desk ticket, up time and other objectives that can be considered as very much vital from the
point of view of any organisation. The IT is slowly moving towards adapting the need of the
business bodies. It can be seen before such a move the IT department, vendors with the IT
service providers with the IT equipment and /or the services. This was mainly imposed on the
automotive to the machinery industry (Gordon et al. 2016). Reliability can be sold quite
easily than selling features. The quality of any product or service can be neglected in many
ways one of the major reason of doing so is the deadline issue of the concerned good (Hopkin
2017). The need of delivering a product or service before the deadline can be sometimes very
much challenging on the point of the originator. However the most important point to be
considered here that the bad quality of the service has nearly come to an end. Putting
emphasis on the part of the service gainer they have somewhat understood the concept that
the lower productivity would directly involve in a lower productivity. Each and every
business needs a system that they can easily rely upon. Each and every hour of down time
would be directly reflected on the part of the lost workers’ productivity and also would
hamper the customer and the service gainer aspect (Almeida, Hankins and Williams 2016).
Depending upon the size of the business concern the loss of the customer would directly be a
huge loss from the point of the organisation. In simple words time would result in a lose
customer moral and the lost customer would not again intent to get the service from the
organisation concerned here. Customer satisfaction could be a vital term here because in any
6MANAGEMENT OF INFORMATION TECHNOLOLY
field of business orientation the customer if they are keep happy with the service and the
quality of the service it would be beneficial from the point of view of the customer as well as
from the point of view of the organisation.
The Business value of IT
It is very much crucial for the IT leaders in order to influence the individual who are
mainly tasked with the distributing resources which are scarce across the organisation. The
following points puts emphasis on the term of business which are related to the information
technology:
The IT organisation: In order to increase the business value of the IT, IT mainly refers
to the organisation inside the framework not related to the technology. In other words
funding cannot be only related for acquisition, but can be related to securing,
providing reliable service and its integration.
Funding: There always lies a option of optimizing the IT funding level which are
mainly aimed to drive the measure which is needed for the business value related to
IT
Money: Money can be related the unit of measure of the value. When relating it to the
professional of the IT they refer it to other attributes with respect to IT, but can be
mainly be transferred into a way of authority approving which can be compared to
other sort of resources which request for funding.
Transaction: The measure of the value of IT cannot be merely be expressed without
the implementation of a transaction (Hopkin 2017). Sometimes it may be delivered
and consumed in order to critically analyse then value of the IT.
field of business orientation the customer if they are keep happy with the service and the
quality of the service it would be beneficial from the point of view of the customer as well as
from the point of view of the organisation.
The Business value of IT
It is very much crucial for the IT leaders in order to influence the individual who are
mainly tasked with the distributing resources which are scarce across the organisation. The
following points puts emphasis on the term of business which are related to the information
technology:
The IT organisation: In order to increase the business value of the IT, IT mainly refers
to the organisation inside the framework not related to the technology. In other words
funding cannot be only related for acquisition, but can be related to securing,
providing reliable service and its integration.
Funding: There always lies a option of optimizing the IT funding level which are
mainly aimed to drive the measure which is needed for the business value related to
IT
Money: Money can be related the unit of measure of the value. When relating it to the
professional of the IT they refer it to other attributes with respect to IT, but can be
mainly be transferred into a way of authority approving which can be compared to
other sort of resources which request for funding.
Transaction: The measure of the value of IT cannot be merely be expressed without
the implementation of a transaction (Hopkin 2017). Sometimes it may be delivered
and consumed in order to critically analyse then value of the IT.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
7MANAGEMENT OF INFORMATION TECHNOLOLY
Service: The measure of the IT cannot be related to the business until it is explicitly
stated what the IT organisation is mainly delivering (IT services) in a way appropriate
and which can be easily to understandable to the provider of the service.
Consumer: The customer related to the value of the IT service by agreeing to pay for
the service they have implemented and used according to their requirement.
Change and operation: All the fundamental requirements of the IT can be divided
into two categories: change and operate. The measure of the value of the business
related to the IT can be measured by the mentioned two aspects.
Operate: cost of service: Putting emphasis on the portion of operate average 66% of
the total spending, the value is measured with comparing the cost of the service which
is related to the IT to the alternatives which is considered to be best (Almeida,
Hankins and Williams 2016).
Change – ROI: Relating to the change portion in the IT budget all benefits should be
quantified so that the measurement for the ROI can be conducted.
Enduring: All the stated truth can be considered to be enduring and are not influenced
by the change in the processes or technology.
Risk in IT
IT risk is the application of the principles which can be involved in the risk
management to an organisation in order to manage the risk associated with the field. The
main aim of the information technology management is to manage the ownership. Influence,
adoption, operation and use of these various aspect or terminologies as a part of the larger
enterprise (Gordon et al. 2016). IT risk management can be considered as a component of a
larger enterprise related to risk management protocol. This encompasses not only the aspect
of negative effects and risks boy also the operation and services that can be related directly to
Service: The measure of the IT cannot be related to the business until it is explicitly
stated what the IT organisation is mainly delivering (IT services) in a way appropriate
and which can be easily to understandable to the provider of the service.
Consumer: The customer related to the value of the IT service by agreeing to pay for
the service they have implemented and used according to their requirement.
Change and operation: All the fundamental requirements of the IT can be divided
into two categories: change and operate. The measure of the value of the business
related to the IT can be measured by the mentioned two aspects.
Operate: cost of service: Putting emphasis on the portion of operate average 66% of
the total spending, the value is measured with comparing the cost of the service which
is related to the IT to the alternatives which is considered to be best (Almeida,
Hankins and Williams 2016).
Change – ROI: Relating to the change portion in the IT budget all benefits should be
quantified so that the measurement for the ROI can be conducted.
Enduring: All the stated truth can be considered to be enduring and are not influenced
by the change in the processes or technology.
Risk in IT
IT risk is the application of the principles which can be involved in the risk
management to an organisation in order to manage the risk associated with the field. The
main aim of the information technology management is to manage the ownership. Influence,
adoption, operation and use of these various aspect or terminologies as a part of the larger
enterprise (Gordon et al. 2016). IT risk management can be considered as a component of a
larger enterprise related to risk management protocol. This encompasses not only the aspect
of negative effects and risks boy also the operation and services that can be related directly to
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
8MANAGEMENT OF INFORMATION TECHNOLOLY
degrade the value of the organisation and take the potential benefit of risky ventures into the
scenario. IT risks can be managed by following the steps.
Assessment: assessment of every risk is accessed and scrutinized properly
Mitigation: in order to reduce the impact counter measures are provided.
Evaluation: at the end of the scenario of the project the effectiveness of any measures are
mainly evaluated. And according to the result actions are focused and its various aspect of
precautions are taken into account
Achieving the competitive advantage can be directly related to continence on the
internal environment factors (interdepended factor between its different aspects), external
environments (environmental uncertainties like risk associated with information technology)
and other cultural factors. Only the remedy of these fundamentals can be achieved by
appropriate and sufficient IT capabilities which can be reinforced in channel processing and
capability of implementing the information technology in turn and reap of the be if it’s that
can be directly be achieved with its implementation.
Origin of value chain in IT
The approach of the value chain mainly looks into the overall strategy of the
organisation and mainly can be related to the competitive strength of the organization
(Gordon et al. 2016). Value chain is mainly considered at the concept of the organisation are
not merely random compilation of machinery, people and equipment and main aspect of
funding (Meyer and Reniers 2016). Only if the consideration is made into these input into the
system, the question of is the input in the near future be productive with the concern of the
organisation. The ability to perform a specific activity and the management of the overall
concept of the linkage of the activities can be referred to as the advantage of the competitive
business. There is a difference between primary activities and supporting activities. Primary
degrade the value of the organisation and take the potential benefit of risky ventures into the
scenario. IT risks can be managed by following the steps.
Assessment: assessment of every risk is accessed and scrutinized properly
Mitigation: in order to reduce the impact counter measures are provided.
Evaluation: at the end of the scenario of the project the effectiveness of any measures are
mainly evaluated. And according to the result actions are focused and its various aspect of
precautions are taken into account
Achieving the competitive advantage can be directly related to continence on the
internal environment factors (interdepended factor between its different aspects), external
environments (environmental uncertainties like risk associated with information technology)
and other cultural factors. Only the remedy of these fundamentals can be achieved by
appropriate and sufficient IT capabilities which can be reinforced in channel processing and
capability of implementing the information technology in turn and reap of the be if it’s that
can be directly be achieved with its implementation.
Origin of value chain in IT
The approach of the value chain mainly looks into the overall strategy of the
organisation and mainly can be related to the competitive strength of the organization
(Gordon et al. 2016). Value chain is mainly considered at the concept of the organisation are
not merely random compilation of machinery, people and equipment and main aspect of
funding (Meyer and Reniers 2016). Only if the consideration is made into these input into the
system, the question of is the input in the near future be productive with the concern of the
organisation. The ability to perform a specific activity and the management of the overall
concept of the linkage of the activities can be referred to as the advantage of the competitive
business. There is a difference between primary activities and supporting activities. Primary
9MANAGEMENT OF INFORMATION TECHNOLOLY
activities can be termed as the delivery or the creation of the service or the product (Skees
2016). Each of these concept can be referred to or can be involved as the improvement
activity (Almeida, Hankins and Williams 2016).
Risk analysis
Risk analysis can be directly be related to the technique of managing and identifying
the potential problem that would undermine the key business projects and its initiatives. In
order to carry out the risk analysis aspect involved in an organisation the most primary
objective is to identify the threats that can be possibly be faced in the near future (Gordon et
al. 2016). With it estimation of the likelihood with this threats that would be materialized
would be taken into consideration. Risk analysis can be considered to be complex taking into
account the aspect of detailed information such as financial data, security protocol, project
plan, marketing forecast and other information related to it (Hopkin 2017). This concept can
be considered as a planning tool termed as essential and with its implementation it could save
time, reputation and money. Risk analysis or risk assessment can be quantitative, semi –
quantitative and qualitative (Bouvard and Lee 2016).
Quantitative approach of the risk analysis mainly assigns numerical value with respect to
both likelihood and impact. The quantitative measure with the risk analysis is basically
calculated with the help of a statistical model which can be considered as a guide line to
judge whether or not it is acceptable. The below figure explains the relation between
consequence, likelihood and the limits of acceptance.
activities can be termed as the delivery or the creation of the service or the product (Skees
2016). Each of these concept can be referred to or can be involved as the improvement
activity (Almeida, Hankins and Williams 2016).
Risk analysis
Risk analysis can be directly be related to the technique of managing and identifying
the potential problem that would undermine the key business projects and its initiatives. In
order to carry out the risk analysis aspect involved in an organisation the most primary
objective is to identify the threats that can be possibly be faced in the near future (Gordon et
al. 2016). With it estimation of the likelihood with this threats that would be materialized
would be taken into consideration. Risk analysis can be considered to be complex taking into
account the aspect of detailed information such as financial data, security protocol, project
plan, marketing forecast and other information related to it (Hopkin 2017). This concept can
be considered as a planning tool termed as essential and with its implementation it could save
time, reputation and money. Risk analysis or risk assessment can be quantitative, semi –
quantitative and qualitative (Bouvard and Lee 2016).
Quantitative approach of the risk analysis mainly assigns numerical value with respect to
both likelihood and impact. The quantitative measure with the risk analysis is basically
calculated with the help of a statistical model which can be considered as a guide line to
judge whether or not it is acceptable. The below figure explains the relation between
consequence, likelihood and the limits of acceptance.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
10MANAGEMENT OF INFORMATION TECHNOLOLY
C
A
B
UNACCEPTABLE
GREY
REGION
ACCEPTABLE
FREQUENCY/ PORTABILITY OCCURENCE
CONSEQUNCE
Figure 1: Relation between consequence, likelihood and the limits of acceptance.
(Source: By Author)
Semi- quantitative approach of risk assessment classifies threat according to the
probabilities and consequence of occurrence (Groves et al. 2016). This is mainly in the way
of options which are based upon the person making the assessment. The concept can be
classified into following five classes
Class 0 – very unlikely ( the probability 1 in 1000 years)
Class 1 – unlikely ( 1 in 100 years)
Class 2 – rather unlikely ( 1 in 10 years)
Class 3 - rather likely ( ones in a year)
Class 4 – likely (ones a month) (Bouvard and Lee 2016).
Qualitative approach describes the consequence of the likelihood in detail concept. This
approach is mainly used when the event is very much difficult to express in terms of
C
A
B
UNACCEPTABLE
GREY
REGION
ACCEPTABLE
FREQUENCY/ PORTABILITY OCCURENCE
CONSEQUNCE
Figure 1: Relation between consequence, likelihood and the limits of acceptance.
(Source: By Author)
Semi- quantitative approach of risk assessment classifies threat according to the
probabilities and consequence of occurrence (Groves et al. 2016). This is mainly in the way
of options which are based upon the person making the assessment. The concept can be
classified into following five classes
Class 0 – very unlikely ( the probability 1 in 1000 years)
Class 1 – unlikely ( 1 in 100 years)
Class 2 – rather unlikely ( 1 in 10 years)
Class 3 - rather likely ( ones in a year)
Class 4 – likely (ones a month) (Bouvard and Lee 2016).
Qualitative approach describes the consequence of the likelihood in detail concept. This
approach is mainly used when the event is very much difficult to express in terms of
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
11MANAGEMENT OF INFORMATION TECHNOLOLY
numerical values (Hopkin 2017). It can be related to an occurrence without any information
that can be considered as adequate information and numerical data related to it. This type of
analysis can be related to as initial assessment of the recognize risk.
Use of risk analysis
Management of risk analysis
Risk management processes can be sub divided into several sub processes which are
mainly executed in a sequential manner (Wipplinger 2017). One of the most important sub
processes that are related to the topic is Enterprise Risk management. The enterprise risk
management is divided into three main steps:
Identification of risk: Classification and identification are done on the organisation‘s
exposure to the different risk factors. There are two main factors in order to identify the
risk factor, those factors know the organisation in-depth and the market in which the
organisation operates. After the identification process the risk factors are classified as :
1. Strategic: this deals with the objectives which are mainly focused on the long run.
2. Operational: it deals with the everyday life within the prospective of the
organisation which are being faced with the main motive of striving for its strategic
goals.
3. Financial: it can be related to the effective control and management of the finance
of the organisation.
4. Knowledge management: it is related to the control and management of the
resources such as competitive technology, loss of key personal and intellectual
property (Almeida, Hankins and Williams 2016).
numerical values (Hopkin 2017). It can be related to an occurrence without any information
that can be considered as adequate information and numerical data related to it. This type of
analysis can be related to as initial assessment of the recognize risk.
Use of risk analysis
Management of risk analysis
Risk management processes can be sub divided into several sub processes which are
mainly executed in a sequential manner (Wipplinger 2017). One of the most important sub
processes that are related to the topic is Enterprise Risk management. The enterprise risk
management is divided into three main steps:
Identification of risk: Classification and identification are done on the organisation‘s
exposure to the different risk factors. There are two main factors in order to identify the
risk factor, those factors know the organisation in-depth and the market in which the
organisation operates. After the identification process the risk factors are classified as :
1. Strategic: this deals with the objectives which are mainly focused on the long run.
2. Operational: it deals with the everyday life within the prospective of the
organisation which are being faced with the main motive of striving for its strategic
goals.
3. Financial: it can be related to the effective control and management of the finance
of the organisation.
4. Knowledge management: it is related to the control and management of the
resources such as competitive technology, loss of key personal and intellectual
property (Almeida, Hankins and Williams 2016).
12MANAGEMENT OF INFORMATION TECHNOLOLY
Description of the risk: presents risk that are identified in a format which is structured.
This mainly facilitates assessment of risk by means of nature of risk, possible
improvement actions, monitoring of the risk and identification of protocols (Bainbridge
2016).
Estimation of the risk: in this phase qualitative and quantitative risk analysis is performed.
Loss of control and autonomy: the outsourcing can result in leading the organisation to
lean structure. This may result in loss of autonomy, since the organisation may not consist
of internal team in order to discuss technological strategies. Referring to an extreme
condition it may finally result in total loss of control involving in no way to validate bids
related to the supplier. Moreover it can be considered to be time consuming and difficult
and in order to regain the control it could be expensive (Wipplinger 2017).
Mitigation of risk
The main goal of the risk identification and with it its analysis is to evaluate the risk
mitigation. The following point’s gives an overview and the importance of the mitigation
related to risk with it its approach in order to reduce or mitigating project risk.
Risk mitigation Planning
The risk mitigation planning is a continuous process or can be termed as ongoing effort
that cannot be stopped after the risk quantitative assessment relation between consequence,
likelihood and the limits of acceptance relation between consequence, likelihood and the
limits of acceptance (Hopkin 2017). Risk management include can be considered as a front
end planning with regards to the major risk and how they can be mitigated and managed once
they are identified . Therefore it can be stated that the specific risk strategies in order to
mitigate them should be incorporated in the plan of the project execution. Risk mitigation
plan should incorporate the following characteristics.
Description of the risk: presents risk that are identified in a format which is structured.
This mainly facilitates assessment of risk by means of nature of risk, possible
improvement actions, monitoring of the risk and identification of protocols (Bainbridge
2016).
Estimation of the risk: in this phase qualitative and quantitative risk analysis is performed.
Loss of control and autonomy: the outsourcing can result in leading the organisation to
lean structure. This may result in loss of autonomy, since the organisation may not consist
of internal team in order to discuss technological strategies. Referring to an extreme
condition it may finally result in total loss of control involving in no way to validate bids
related to the supplier. Moreover it can be considered to be time consuming and difficult
and in order to regain the control it could be expensive (Wipplinger 2017).
Mitigation of risk
The main goal of the risk identification and with it its analysis is to evaluate the risk
mitigation. The following point’s gives an overview and the importance of the mitigation
related to risk with it its approach in order to reduce or mitigating project risk.
Risk mitigation Planning
The risk mitigation planning is a continuous process or can be termed as ongoing effort
that cannot be stopped after the risk quantitative assessment relation between consequence,
likelihood and the limits of acceptance relation between consequence, likelihood and the
limits of acceptance (Hopkin 2017). Risk management include can be considered as a front
end planning with regards to the major risk and how they can be mitigated and managed once
they are identified . Therefore it can be stated that the specific risk strategies in order to
mitigate them should be incorporated in the plan of the project execution. Risk mitigation
plan should incorporate the following characteristics.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 18
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.