Risk & Assurance

Delivering value through cost-effective and business-driven IT risk management.

Controlling, understanding and managing IT’s risk exposure has become a CxO topic. Not only due to external rules and regulations, but also as IT’s role within the business grows bigger. IT risks are business risks. As such, finding cost effective and pragmatic ways of managing operational, tactical and strategic IT risks are key in creating and sustaining competitive advantage.

How can we help your business?

Contact



Related Articles


Understanding IT outsourcing risk: incorporating risk management in your IT sourcing strategy

Risk Management, Sourcing

Outsourcing decisions have long term consequences. Understanding how IT organisations and IT executives make decisions, value risk and manage risk is an integral part of IT outsourcing. The consequences of poor decision making with resulting lock-in effects can be detrimental to competitiveness, undermine organisational morale and incur significant costs. Managing risk during the IT sourcing life-cycle is at the heart of successful IT outsourcing.


Whose project is it anyway?

Change Management, Governance, Risk Management

Most traditional methodologies hold that a business case is something that a project manager inherits and that its responsibility sits with a sponsor, project executive or even a governance board of some sort. However the project manager can, and should, play a critical role in assessing and critiquing the business case to guard against project failure.


The commitment risk – When IT outsourcing exposes shadow processes and loyal heroes

Operations, Risk Management, Sourcing

People working for a certain company tend to grow very committed to it. They are prepared to walk the extra mile to boost company success. In IT, it…


Staying in control over an outsourced delivery

Governance, Risk Management, Sourcing

An outsourced delivery of a function, process or portion of work from your business can be a suitable solution for many reasons, such as focusing on the development…


Embedding compliance: How to integrate Sarbanes-Oxley in your projects

Assurance & Compliance, Risk Management

Internal controls are incredibly important to business operations but are often seen as something abstract and separate while they in fact should be part of business as usual and all ongoing develop­ment activities. Trying to resolve and remedy a lack of internal controls as a separate, post-event activity is not only risky – it’s also expensive. Control and assurance must be based on the business risk, be in line with external rules and regulations and be built in from the start.