Managing enterprise risk requires IT executives to perpetually perform a juggling act of sorts.
Senior Editor Denise Dubie covers the technologies, products and services that address network, systems, application and IT service management for Network World.
IT executives must provide technologies and services to enable the business to thrive and grow, but at the same time they need to maintain tight controls on resources, access rights and the environment to prevent the risk of technology to the business from outweighing the reward.
"Organizations have always had to manage risk. Business survival requires an organization to successfully manage risk," reads a Forrester Report released last week entitled "Demystifying Enterprise Risk Management." "The challenge is that there are multiple definitions, approaches to and reporting of risk that are managed in silos across the organization. Risk managers must understand the varying views of risk across the organization and decide on a common framework of risk that the entire organization can work within."
That means IT is charged with making certain individuals are equipped to do their jobs without putting the company or its intellectual property in harm's way. For instance, risk management includes ensuring unauthorized individuals are not accessing certain data or working on systems not within their privileges, but it reaches much further than that.
According to Forrester Research, companies must first define risk and apply the comprehensive definition of risk across the entire organization. The research firm narrows it down to: "Risk is the effect of uncertainty on organizational objectives" and "Risk management is the coordinated activities to direct and control an organization to realize the opportunities while mitigating the negative consequences of events." Today several vendors are working to help customers ease the burden of first identifying and then managing risk with technologies falling into the broad governance, risk and compliance (GRC) market.
For instance, IBM earlier this year detailed its plans to address customer pain points around GRC, and Symantec followed suit by offering IT-risk assessment services this past summer. Start-ups are emerging to tackle this problem as well. Newcomer Securityworks this week launched itself as an enterprise risk management software provider, after offering services in that market for the past few years.