Presentation is loading. Please wait.

Presentation is loading. Please wait.

Communicating IT Risks to Stakeholders

Published byRidwan Irawan Modified over 5 years ago

Similar presentations

Presentation on theme: "Communicating IT Risks to Stakeholders"— Presentation transcript:

1 Communicating IT Risks to Stakeholders
By Abdulaziz Ahmed Al-Duaij Manager, Information Technology, KNPC

2 Agenda: 1. What is Risk 2. What is an IT Risk 3. IT Risk Communication
4. Recognizing a Challenge 5. Three Keys to Success 6. Four IT Risk Communication Strategies 7. Q & A

3 What is Risk ? Risk is a natural part of the business landscape. If left unmanaged …

4 What is an IT Risk ? Too often overlooked, IT Risk is a business risk, related to the use of IT. Measure of an IT risk: Product of threat, vulnerability and asset values IT Risk = Threat x Vulnerability x Asset Value

5 What is an IT Risk ? A more current Risk management framework for IT Risk would be the TIK framework IT Risk = (Threat x Vulnerability/ Countermeasure) x (Asset Value at Risk)

6 Risk Communication Communicating Risk to Stakeholders is the Top Task for Today's Risk Managers {Reveals a study by The Global Association of Risk Professionals (GARP)}.

7 Recognizing Challenges
Even though stakeholders may be familiar with the risk assessment process, stakeholders often have different perspectives on the significance of the findings of the risk assessment and appropriate risk management actions. Risk perception involves the influence of subjective factors on how risks are understood and valued - USEPA’s Risk Communication Handbook (USEPA 2007e). Risk communications must not underestimate the importance and validity of risk perception. For example, while odors may present no physical risk, failure to address them in a timely manner may elevate other concerns about the credibility of the cleanup. The assessment and reduction, removal, or control of chemicals in environmental media. Cleanup is synonymous with other terms such as "corrective action" and "remediation" used in various state, local, and federal programs. process.

8 Key 1 : Communicate Early
Three Keys to Success: Key 1 : Communicate Early “Communicate Early and Communicate too often” - Steve Cullum Early discussions with stakeholders help to identify potential areas of concern and enables stakeholders to take early actions to address those concerns, before they turn into crises.

9 Key 2 : Be transparent Three Keys to Success:

10 Key 3 : Collaborate Three Keys to Success: Avoid - I, me, mine
Avoid negatives: “I can’t,” “I won’t,” … Keep referring to a common goal: – e.g. “In the interest of our Company… Encourage others to share their opinion Recognize people Engaging stakeholders in an inclusive relation of collaboration ensures that the decisions made incorporate stakeholders’ views and experience. This creates a firm ground to base decisions on sound evidence and analysis, which in turn leads to better and more focused decisions.

11 The 80–20 Principle: Engaging stakeholders in an inclusive relation of collaboration ensures that the decisions made incorporate stakeholders’ views and experience. This creates a firm ground to base decisions on sound evidence and analysis, which in turn leads to better and more focused decisions.

12 Four Risk Communication Strategies:
Strategy-1: Expert hearings Opinions from experts with differing positions Experts with different positions are asked to give their opinion about an issue to a representatives of the organizing institution (often a regulatory agency). Specific questions are asked to each of the experts and once every expert has had a chance to give an answer the organizing committee can try to reach a conclusion on the subject. Hearings are a good way of developing understanding about an issue but may not always allow for a conclusion or final decision to be reached.

13 Four Risk Communication Strategies:
Strategy-2: Expert Committees: Bringing experts together Bringing experts together in commissions, advisory boards or committees can be a good way to gather expert opinion.  These group seetings allow the experts to talk openly about the issues in a manner that is independent from the organization that they report to.  Disadvantages are that it may take a long time to reach a consensus and that the public opinion has not been consulted. 

14 Four Risk Communication Strategies:
Strategy-3: Stakeholder hearings Understanding both from the stakeholder's point of view and that of the organization Stakeholder opinions can be gathered through hearings during which time information can be shared and positions on the issues are better understood both from the stakeholder's point of view and that of the project organization. Hearings should be seen as a means of gathering information not resolving conflict.  Often hearings can lead to heated debates so do not expect to end the hearing with solutions.

15 Four Risk Communication Strategies:
Strategy-4: Round tables (advisory groups): Bring a variety of stakeholder groups together in a working atmosphere Round Tables are used to bring together a variety of stakeholder groups together in a working atmosphere.  Unlike a hearing the groups aim to share perspectives and come to conclusions about management options.  Because heated debates are common in these settings it is useful to have a moderator, or someone to control the atmosphere, and direct the debates in a productive manner.  The moderator needs to be someone with no direct interest in the outcome.

16 Have a Strategy Communicate Early Be Transparent Collaborate
Conclusion: Have a Strategy Communicate Early Be Transparent Collaborate

17 Conclusion: Thank You

18 Conclusion: Q & A

Download ppt "Communicating IT Risks to Stakeholders"

Similar presentations

Creating Better Health and Care Services An overview of a Better Health and Care Review process.

Creating Better Health and Care Services An overview of a Better Health and Care Review process.
Stakeholder And Issues Management Approaches

Stakeholder And Issues Management Approaches
Presentation By: Chris Wade, P Eng. Finally … a best practice for selecting an engineering firm.

Presentation By: Chris Wade, P Eng. Finally … a best practice for selecting an engineering firm.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
SUPPORTED BY THE EUROPEAN UNION’S OBNOVA AND PHARE PROGRAMMES Public Involvement EIA TRAINING RESOURCE MANUAL FOR SOUTH EASTERN EUROPE.

SUPPORTED BY THE EUROPEAN UNION’S OBNOVA AND PHARE PROGRAMMES Public Involvement EIA TRAINING RESOURCE MANUAL FOR SOUTH EASTERN EUROPE.
Including School Stakeholders. There are many individuals and groups associated with schools and many of these people are likely to have valuable ideas.

Including School Stakeholders. There are many individuals and groups associated with schools and many of these people are likely to have valuable ideas.
Kathy Corbiere Service Delivery and Performance Commission

Kathy Corbiere Service Delivery and Performance Commission
Socially Sustainable Development, May 2002 Responsive, Reliable, Resilient Social Aspects of Sustainable Development Steen Lau Jørgensen Social Development.

Socially Sustainable Development, May 2002 Responsive, Reliable, Resilient Social Aspects of Sustainable Development Steen Lau Jørgensen Social Development.
Commissioning and the Third Sector Health Network Skyers-Poorman Research and Consulting.

Commissioning and the Third Sector Health Network Skyers-Poorman Research and Consulting.
ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.

ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.
Dr. Poh-Ling Tan, Associate Professor, Socio-Legal Research Centre/Australian Rivers Institute Griffith University, Brisbane, AUSTRALIA Water matters:

Dr. Poh-Ling Tan, Associate Professor, Socio-Legal Research Centre/Australian Rivers Institute Griffith University, Brisbane, AUSTRALIA Water matters:
©Ofcom EU Communications package : State of Implementation Kip Meek, Senior Partner, Content & Competition Brussels, 30 May 2005.

©Ofcom EU Communications package : State of Implementation Kip Meek, Senior Partner, Content & Competition Brussels, 30 May 2005.
Annual General Meeting 22 nd September Overview of reports published responses to support findings 1000 comments and reviews of.

Annual General Meeting 22 nd September Overview of reports published responses to support findings 1000 comments and reviews of.
ERASMUS + Care to Work project (2014) Abused no More project (2015)

ERASMUS + Care to Work project (2014) Abused no More project (2015)
Deborah Connor President Diabetes New Zealand 26 November 2016

Deborah Connor President Diabetes New Zealand 26 November 2016
JMFIP Financial Management Conference

JMFIP Financial Management Conference
16 Organizational Conflict, Politics, and Change.

16 Organizational Conflict, Politics, and Change.
Access to Information, Participation in Decision-Making and Justice in the OECS: some thoughts Peter A. Murray OECS Secretariat.

Access to Information, Participation in Decision-Making and Justice in the OECS: some thoughts Peter A. Murray OECS Secretariat.
MGMT 452 Corporate Social Responsibility

MGMT 452 Corporate Social Responsibility
PowerPoint Presentation

PowerPoint Presentation

Similar presentations

Ads by Google