{"id":32952,"date":"2023-09-03T17:16:36","date_gmt":"2023-09-03T17:16:36","guid":{"rendered":"https:\/\/www.goodacademic.com\/blog\/questions\/how-it-governance-and-regulation-can-impact-an-organizations-risks-which-parties-do-those-risks-affect-how-regulations-and-governance-interact-with-risks-and-stakeholders-and-how-to-balanc\/"},"modified":"2023-09-03T17:16:36","modified_gmt":"2023-09-03T17:16:36","slug":"how-it-governance-and-regulation-can-impact-an-organizations-risks-which-parties-do-those-risks-affect-how-regulations-and-governance-interact-with-risks-and-stakeholders-and-how-to-balanc","status":"publish","type":"questions","link":"https:\/\/www.goodacademic.com\/blog\/questions\/how-it-governance-and-regulation-can-impact-an-organizations-risks-which-parties-do-those-risks-affect-how-regulations-and-governance-interact-with-risks-and-stakeholders-and-how-to-balanc\/","title":{"rendered":"how IT governance and regulation can impact an organization\u2019s risks, which parties do those risks affect, how regulations and governance interact with risks and stakeholders, and how to balance opposing viewpoints inherent to managing risk."},"content":{"rendered":"<ul style=\"margin-right: 0px; margin-bottom: 6px; margin-left: 25px; cursor: auto; color: inherit;\">\n<li style=\"cursor: auto; color: inherit;\"><strong style=\"font-weight: bold; cursor: auto; color: inherit;\">Your post can take one of two directions. 
Either 1) identify an IT-related or business process risk (or set of risks) and discuss which stakeholders are impacted, how the risk(s) are currently being managed, and propose a new and\/or revised risk management approach, OR 2) identify a new\/proposed regulation and discuss who it will impact and how \u2013 considering the risk management perspective.<\/strong>\n<ul style=\"margin-right: 0px; margin-left: 25px; cursor: auto; color: inherit;\">\n<li style=\"cursor: auto; color: inherit;\">You may discuss any IT-related or business process risk that an organization may have OR any IT-related regulation.<\/li>\n<li style=\"cursor: auto; color: inherit;\">Examples of IT-related risks extend beyond information security and would include compliance risk (e.g., maintaining data privacy standards), misalignment of IT and business objectives (e.g., an ERP system that does not support necessary business operations), and IT that does not produce value for the organization (e.g., the costs of an IT system outweigh its benefits).<\/li>\n<li style=\"cursor: auto; color: inherit;\">Examples of business process risks generally relate to operations and would include risks to fulfillment (e.g., a vendor unable to supply raw materials) and documentation (e.g., errors in sales documents).<\/li>\n<li style=\"cursor: auto; color: inherit;\">Examples of new proposed regulations include The State and Local Government Cybersecurity Act of 2021.<\/li>\n<li style=\"cursor: auto; color: inherit;\">This article describes the main risk management strategies most simply:<span style=\"cursor: auto; color: inherit;\">&nbsp;<\/span><a style=\"cursor: auto;\"><span style=\"cursor: auto; color: inherit;\">https:\/\/www.ideagen.com\/thought-leadership\/blog\/what-is-a-risk-management-strategy<\/span><\/a><\/li>\n<li style=\"cursor: auto; color: inherit;\">This 
is the in-depth COSO-ERM guidance (Item 4, Principle 13 is most related to this discussion):<span style=\"cursor: auto; color: inherit;\">&nbsp;<\/span><a style=\"cursor: auto;\"><span style=\"cursor: auto; color: inherit;\">https:\/\/www.coso.org\/Shared%20Documents\/Compliance-Risk-Management-Applying-the-COSO-ERM-Framework.pdf<\/span><\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Your post can take one of two directions. Either 1) identify an IT-related or business process risk (or set of risks) and discuss which stakeholders are impacted, how the risk(s) are currently being managed, and propose a new and\/or revised risk management approach, OR 2) identify a new\/proposed regulation and discuss who it will impact [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":[],"disciplines":[644],"paper_types":[],"tagged":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions\/32952"}],"collection":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions"}],"about":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/types\/questions"}],"author":[{"embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/comments?post=32952"}],"version-history":[{"count":0,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions\/32952\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/media?parent=32952"}],"wp:term":[{"taxonomy":"disciplines","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/disciplines?post=329
52"},{"taxonomy":"paper_types","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/paper_types?post=32952"},{"taxonomy":"tagged","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/tagged?post=32952"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}