Every organization should have an agreed understanding of risk, what that means for the company, and where the line of acceptability is (threshold). Knowing where this line is, and using it as a driving force for decision making within IT, can dramatically maximize resources and decrease costs.
Risk Management sometimes has the unfortunate nickname of being titled the Business Prevention Unit (BPU), but actually, that name couldn’t be further from the truth. Robust and mature risk management ideally acts as a catalyst for decision making and resource management within any department. Risk management is a tool that, when understood, enables technology leaders to make decisions that drive the department and therefore the business forward.