While some business owners understand the role that IT plays in their business, for many it can be taken for granted to the point where IT systems work against your business goals.
- determine the number of core business processes that depend on an underlying IT system to function
- ask what happens if these systems fail and how the downtime will affect your ability to generate revenue
The amount of downtime you can tolerate before revenue generation is impacted will help you understand your reliance on IT. With this understanding, you are then able to make decisions on how to minimize interruptions to your business.
Risk can stem from all areas of your business and must be lowered to acceptable levels. Risk from IT systems is no different and is something that is often overlooked by business owners stemming from a lack of understanding of the technical risks that exist.
Technical risk must be assessed at least twice a year by the IT Manager/IT Director/CIO or other person in your company that has the responsibility for IT. It must then be understood how this technical risk translates to business risk, and effectively communicate this to business owners in order to make decisions on mitigation steps.
- Having outdated and unsupported operating systems on your servers and workstations
- Not having vendor-level support agreements in place for your core management information systems
- Not having a defined updating and patching schedule for your servers and workstations
These technical risks translate into business risk through the high probability of downtime, and cyber attack which can adversely affect your business’ ability to continue operating.
- your short and long-term goals and what IT systems are needed to achieve them
- your level of risk tolerance stemming from these IT systems