Using Consequence Analysis Techniques, identify the potential negative aspects of consequences on IS strategic design and planning. Include ethical issues, such as failure consequences, professional codes of conduct and data accessibility. 3. 1 Management of Risk The management of risk is pivotal to the strategy of an organization. An exercise for term bound IS strategic design and planning of an organization is subject to risks.
Some of these could have positive consequences and again some events could be risky and have negative consequences. Such exercises thus need to be subjected to risk and consequence analysis using established techniques to identify the potential negative aspects of consequences; which would be likely to occur during their implementation. Identification of these will enable the organization to view the IS design in totality and decide to amend the design to reduce the probability of failure or to increase the probability of success.
Risks could be financial or operational and be driven by strategy or hazards. Threats to the plan can also be internal or external to the organization. The table shown below has been adapted from the Risk Management Standard prepared by the major risk management associations of the UK. (A Risk Management Standard, Pgs 1 to 17) It classifies the various types of risks that could be faced by a planned strategic initiative.
Good risk management focuses on the identification and treatment of risks and seeks to add value to activities primarily by first assessing and understanding the negative and positive consequences of the involved factors and increase the probability of success. The management of risk needs to be continuous and an integral part of the organization’s strategy and its’ implementation. All possible risks need to be quantified and addressed. The strategy for risk containment needs to be converted into objectives with specific responsibility centers.