How to Create Cost-Effective Risk Oversight
How to Create Cost-Effective Risk Oversight

Most organizations are still struggling to improve their risk oversight practices, particularly when it comes to data security. We’ve shared before that, though a top-down prioritization of data security as a business issue is a key differentiator in organizations being able to tackle security gaps. The board and C-suite executives are hindered by a lack of actionable information needed to address these issues, in part creating a situation where executives remain under-involved in mitigating data security risks.

In a Gartner Analyst Report hosted by Absolute, Seven Keys to Successful and Cost-Effective Risk Oversight, you can learn some key actions to successful and cost-effective risk oversight. The report recommends:

  1. Speak substantively about risk at every board meeting
  2. Define and deploy leading risk indicators as warnings of future events, not past events
  3. Explicitly link major risk areas to elements of strategy. Similar to the advice to make data security a business issue, this helps create a “forward looking” risk oversight
  4. Align risk management and performance management
  5. Clearly articulate risks encountered versus authorized risk appetite, and use clear, concise risk appetite statements to govern the risks taken throughout the enterprise
  6. Organize for enterprise-wide risk identification and accountability
  7. Use technology as an enabler of risk oversight activities

Currently, 55% of board members believe it’s not reasonable to expect a board to “get its arms around” all aspects of corporate risk, including cyber risk, which is a very dangerous position to have. Companies that fail to improve will suffer increased liability and the misallocation of valuable resources. Read Gartner’s recommendations on how to avoid risk oversight in the full report here.

Here at Absolute, we help organizations gain visibility into the endpoint, providing them with a reliable two-way connection so they can monitor, assess and respond, regardless of user or location. We go beyond just visibility, giving you the tools your organization needs to gain insight into data on the endpoint and to quickly identify and respond to security incidents. Our reports provide accurate current and historical data, created automatically, with no chance of human error. Learn more about how our team can assist you with your risk response and endpoint security here.

ABOUT THE AUTHOR

Arieanna Schweber

Arieanna Schweber has been a part of the Absolute writing team since 2007. Arieanna was Canada’s first female professional blogger and has been professionally blogging since 2006 and has spoken at leading blogging conferences including BlogHer and Northern Voice. Arieanna has a joint degree in Business and Communications from Simon Fraser University and continues to build communities for Vancouver-based clients.