"The level of risk management required to cope with emerging issues has increased significantly both for the CIO and the corporation as a whole. As a result, the need for enterprise risk management and governance has never been greater or more urgent," says Cutter Consortium Fellow Robert N. Charette.
The new laws and directives for improved accountability and transparency, such as Sarbanes-Oxley and the Turnbull requirements in the UK, are greatly expanding the CIO's role in identifying and managing enterprise risks, as well as in supporting the organization's risk governance requirements. And more governance directives are likely to appear over the next several years. Explains Charette, "Since managing many of the enterprise systems and processes falls into the domain of the CIO, the CIO is now right in the middle of corporate governance compliance. For instance, e-mail and other corporate data that were once routinely destroyed may now need to be saved. What once were considered nonfinancial IT systems may now require consideration as financial, if such systems produce, gather, or transmit financial information.
"Furthermore, given the new corporate governance requirements, many IT-related issues that previously weren't perceived as corporate governance issues are developing into them. For example, an IT project that is in trouble and that may materially affect a corporation's financial condition can become a governance issue if the CIO does not disclose that information in a timely fashion."
What should a CIO's main focus be in relation to enterprise risk management and governance? Charette outlines three priorities in the Cutter Consortium report titled "The Rise of Enterprise Risk Management and Governance":
- Become familiar with the intricacies of corporate governance, since many risks and problems of implementing it travel directly through the IT organization. Especially important are the gray-space risks: the IT issues that don't begin as governance problems but end up as them.
- Determine how the IT organization can become a zero-trauma organization. "No surprises" should be the watchword, with operational excellence as the objective.
- Develop and implement a strong risk management culture to evaluate operational IT risks. Culture will be increasingly important as many of the emerging risks that corporations and CIOs will have to deal with will be caused by societal changes in risk awareness.
To request a copy of the Business-IT Strategies report in which these comments were made or to schedule an interview with Cutter Consortium Fellow Robert Charette, contact .
More information about Robert N. Charette is available at http://www.cutter.com/meet-our-experts/charetter.html.
About Cutter Consortium

