Risk Management Calls for Team Effort

Corporate departments must hang together, or surely they will all hang separately.

Is your IT department excluded from providing strategic input in such areas as marketing, sales, human resources and business development? Are you treated like a third-party service provider who happens to be on the payroll?

If so, dash to a headhunter; your companys days are numbered. So says risk expert Emily Freeman, pointing to ITs integration with almost every aspect of business.

As the director of E-Business Risk Management & Consulting for Marsh Inc., Freeman studies the crises that befall e-commerce initiatives. While no two companies face exactly the same risks, Freeman said the one pitfall all enterprises must avoid is the "silo mentality" of departmental isolation.

"Companies have to learn how to deal with multifaceted, ever-changing and uncertain risk from a team perspective," Freeman said. While that means bringing IT into all corporate planning, it also requires that IT involve other departments in decisions about the companys deployment of technology, from network security to privacy policies to platforms and applications. You have to give as good as you get.

Freeman offered the following example from the perspective of an IT manager: "Im making a decision to go live with a major new application that faces third parties or customers. That application has my name written all over it. Its a major enhancement. Who decides from a risk perspective that the application has been properly tested and addresses all the various liability as well as technology issues, all the consumer issues? How do we assemble what I call a go-live strategy?"

Too many companies, Freeman said, "just go live and wait for the flak to fly," instead of involving departments such as law, marketing and human resources from the outset. In addition to exposing a company to legal liability if a product or service fails, Freeman said, "this is a reputation thing. The worst way you can learn this lesson is for something to go very wrong, and you end up on CNN or in The Wall Street Journal because publicity about a security breach or privacy violation gets so bad you cant hide it."

To paraphrase an American who knew something about technology and risk: Corporate departments must hang together, or surely they will all hang separately. Benjamin Franklins advice was good in 1776, and its still good today.

Is your company managing risk or at risk? Let me know at rob_fixmer@ziffdavis.com.