Strategic Technology Governance Risks

Patrick McConnell

This chapter will describe the roles and responsibilities involved in the management of technology governance risks, and how these processes can be integrating into firm-wide ERM programmes. The chapter will cover the development of a risk management framework (RMF) for managing strategic risks, in particular concentrating on the governance at board level and the organisation of strategic technology risk management activities.

While Chapter 4 examined a formal definition of four types of strategic technology risks and described them in detail, this chapter will look specifically at strategic technology governance risks – ie, the risks that a board may fail to put in place the necessary policies and processes to govern the development and execution of its IT strategies.

In this chapter, the requirements of various regulators for IT governance are outlined, and it is important to note that failure to heed and react properly to regulators’ concerns is itself a major governance risk.

ROLES AND RESPONSIBILITIES FOR IT GOVERNANCE

Regulators do not often prescribe the precise organisational structures of the financial institutions that they regulate, but they do require that

To continue reading...

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: