How to effectively manage risk on your digital transformation journey

By Michiel Jorna, Global industry director for Digital Risk, Software AG

In the last year, we’ve begun seeing more organisations both globally and in the Australia and New Zealand region embrace digital transformation in a big way and for good reason. In a world where the cloud, social media, the Internet of Things and mobile technology are the major forces driving demand and customer expectations, it’s no longer a question of “if” digital transformation is needed but “how” to realise it.

The number of risks, the complexity, the intersection of risks from a global and organisational standpoint, and from a technology standpoint, is driving the rapid escalation of risks in an organisation. The complexity makes it very difficult for organisations to get their arms around the entire risk profile.

While there are a myriad of advantages of implementing a digital transformation strategy, from a risk management perspective, digitalisation presents unprecedented new challenges.  Digitalisation is not only creating new and higher levels of risk; it’s creating completely new types of risk.

According to analyst group Gartner in its Cybersecurity: A Foundation for Digital Business by 2020, 60 percent of digital businesses will suffer major service failures due to the inability of IT security teams to manage digital risk. The recent WannaCry ransomware attack which caused global chaos and brought many organisations to their knees is a stark reminder of how quickly risk can spread to and within organisations if it’s not well-managed.

Successful companies will be the ones that cannot just take advantage of the valuable opportunities of digital transformation, but are also able to quickly address and manage the rapidly evolving risks.

In order for organisations to get a handle on these risks, we have seven guiding principles for managing your risk in the era of digital transformation:

1.       Transformation: Streamlined processes orchestrated across multiple systems.

This is all about carefully planning and executing a digital transformation plan which is derived from a clear digital transformation strategy. Connecting risks to strategic objectives and making sure that risks and appropriate mitigation strategies are taking into account when designing as-is and to-be architectures -both from a business and IT perspective- is critical.

2.       Integration: Consistent connectivity across all IT operations.

This relates to breaking down silos so that transformation can occur. From a risk management perspective this is key since the siloed nature of most governance, risk management and compliance (GRC) software solution implementations today is actually blocking the cross-organisation collaboration between risk, compliance, audit, security and so on, that is required to get at the root of the risk issues and the true emerging risks that will impact organisations in the future.

3.       Data: Accounting for expanding data models across myriad systems.

Too often disconnected, siloed data in multiple systems is hampering the ability to aggregate risk data and provide full insight into the risk exposure an organisation is facing. The data discipline is key to understand and articulate an organisation’s total risk exposure in relation to a given strategic objective.

4.       Visibility: A real-time understanding of the entire business that enables quick response to challenges and opportunities.

This refers to visibility of data moving around the organisation now and the ability to rapidly respond to business insights based on real-time dashboards, rather than the traditional risk and audit reports showing how bad things went two months ago. Real-time visibility is critical in order to be able to make the right (risk-based) decisions at the right time.

5.       Applications: Controlling and automating processes that span multiple applications and systems.

This means rapidly developing and deploying applications on top of your platform. In order to follow the pace of digitalisation, risk management needs to become more agile. Rapid development of new risk management applications on your own digital platform makes firms faster–instead of relying on vendor build one-size-fits-all risk management solutions.

6.       Scale: Leveraging Big Data for business benefits with processes that are driven by sophisticated analytics.

Today, a vast amount of data is available and accessible to organisations. In-memory data solutions are key to leveraging all new information – for instance, granular customer-payment and spending behaviour, social-media presence, and online browsing activity—in risk decision making. Accessing external, unstructured data offers substantial upside not only for better risk decisions, but also for early warning systems, detection of financial crimes, prediction of operational losses, etc.

7.       Connectivity: Easily sharing data both internally and externally in order to improve overall efficiency.

Risks do not necessarily stop at the boundaries of an organisation, so being able to easily, consistently, and reliably connect to external partners, vendors and/or suppliers is a critical enabler for managing risk across the value chain.

Risk management needs to follow the pace of digitalisation and the seven disciplines of digital transformation we’ve outlined above can help you to better manage this and deal with the unexpected in this fast moving digital economy.


Tags risk managementcloud securityGartner Groupsoftware AGdigital risk managementransomware attacksWannaCry

Show Comments