Risk management is becoming increasingly complicated, thanks to the growing volume and complexity of security threats, and it is leaving many organizations awash in security risk data without the means for assessing or contextualizing its potential business impact.
According to a recent report from the ERM Initiative of North Carolina State University’s Poole College of Management and the American Institute of Certified Public Accountants (AICPA), two-thirds of 474 senior executives surveyed have recently experienced an “operational surprise” due to a risk they did not adequately anticipate. Worse, only 22 percent of respondents consider their risk management practices “mature” or “robust,” which represents a decline in maturity over the past two years.
Enterprise cloud applications provider Workday was one such organization struggling to translate its mounting security risk data into actionable business initiatives — until it developed an innovative risk management tool that not only scores and prioritizes risks, it translates risk data into language business leaders can understand and use to inform strategic priorities.
Translating risk data into business initiatives
When your business centers on hosting human resources and financial management data, security risk assessment is a core part of your mission. What Workday has found, however, is that translating risk data into actionable business initiatives is challenging when communication with business leadership about risks and risk context breaks down.