免费下载书籍地址:PDF下载地址
精美图片
IT 危机IT RISK书籍详细信息
- ISBN:9781422106662
- 作者:暂无作者
- 出版社:暂无出版社
- 出版时间:2007-08
- 页数:221
- 价格:235.40
- 纸张:胶版纸
- 装帧:精装
- 开本:16开
- 语言:未知
- 丛书:暂无丛书
- TAG:暂无
- 豆瓣评分:暂无豆瓣评分
内容简介:
IT risks directly impact business performance, and [the authors] advise business executives on how they can manage IT risk as business risk with business consequences. --Government Technology, October 10, 2007
书籍目录:
Preface and Acknowledgments
Introduction IT Riskand Consequences
One The 4A Risk Management Framework
Two The Three Core Disciplines of IT Risk Management
Three Fixing the Foundation: Strengthening the Base of the Pyramid
Four Fixing the Foundation: Simplifying the Installed Base
Five Developing the Risk Governance Process
Six Building a Risk-Aware Culture
Seven Bringing the Three Disciplines Up to Speed
Eight Looking Ahead
Nine Ten Ways Executives Can Improve
IT Risk Management
Notes
Index
About the Authors
作者介绍:
暂无相关内容,正在全力查找中
出版社信息:
暂无出版社相关信息,正在全力查找中!
书籍摘录:
暂无相关书籍摘录,正在全力查找中!
在线阅读/听书/购买/PDF下载地址:
在线阅读地址:IT 危机IT RISK在线阅读
在线听书地址:IT 危机IT RISK在线收听
在线购买地址:IT 危机IT RISK在线购买
原文赏析:
暂无原文赏析,正在全力查找中!
其它内容:
书籍介绍
By M. McDonald (Chicago, IL United States) - See all my reviews
IT used to be thought of as separate from the business, a staff function that by itself could enable but not change the business, its value or its brand. Well that view no longer holds water and Westerman and Hunter show how IT risk is really business risk and needs to be treated as such. In their book, the two provide a clear and concise discussion about IT risk from the perspective of the leader/practioner rather than the perspective of the auditor.
Since business and IT have become so closely intertwined and this book offers clear and actionable advice - not fear, uncertainty or doubt - I recommend this as a read for the CIO/IT executive as well as the CEO so they can understand what to expect both in terms of protection but also competitive advantage from the ability to manage IT risks.
I come to this position from the way Westerman and Hunter introduce the concept of risk management and the way they have organized the book. They introduce a framework of four "A's" that looks at risk from a business perspective, rather than an auditing or compliance perspective. The four A's that define IT risk are:
Availability -- keeping business processes and information flowing through the business
Access -- ensuring that the appropriate people, including customers and suppliers, can get the information and functionality they need to be effective
Accuracy -- concentrating on providing timely and complete information to meet operating and oversight needs
Agility -- the ability to change with managed cost and speed.
Westerman and Hunter address this subject in a clean and concise nine chapters that provide actionable advices on how to plan and manage risks. One thing of note is that the book talks about using your risk management capability as a competitive weapon -- what you can do that others cannot because you manage risk better. This gives the topic of risk management a strategic context that is unique to this work.
The book can be thought of as being in three parts.
Part One is about the framework and the overall approach to risk management. It includes the following chapters:
Chapter 1: The 4A Risk Management Framework
Chapter 2: The Three Core Disciplines of IT Risk Management
Part Two concentrates on the actionable management steps business and technology executives can use to manage risk.
Chapter 3: Fixing the Foundation: strengthening the base of the pyramid -- about the importance of infrastructure in risk management.
Chapter 4: Fixing the Foundation: simplifying the base of the pyramid -- about how complexity drives risk, cost and performance levels.
Chapter 5: Developing the Risk Governance Process -- covering how do you manage and make decisions regarding IT and Business risks.
Chapter 6: Building a risk-aware culture-- here the authors make an important connection between risk and culture and a critical distinction between being risk aware (strategically important) and being risk adverse (strategic killer)
Chapter 7: Bringing the three disciplines up to speed -- concentrates on the program and patterns for effective implementation.
Part Three looks at the future and improvements to risk management
Chapter 8: Looking ahead -- talks about how to incorporate risk management as a positive force in planning and strategy setting
Chapter 9: Ten ways executives can improve IT risk Management.
Overall this is a must read for CIOs, IT risk management and IT profesionals. It is also recommended reading for CEOs and others who want to understand how to manage IT and how to gain advantage from having good IT.
By James Taylor "Enterprise Decision Management ... (Palo Alto, CA USA) - See all my reviews
I was lucky enough to get a pre-release copy of IT Risk: Turning Business Threats into Competitive Advantage by George Westerman and Richard Hunter. The book approaches IT risk not as a technical issue but as a business and management one with potentially serious consequences. As businesses increasingly are there information systems, this point of view is both necessary and valuable. The book introduces IT risk and its consequences, discusses the authors' 4A framework and outlines 3 core disciplines for IT risk management. It then drills into actual steps to take to fix the foundation, develop risk governance processes and establishing a risk aware culture. It wraps up with some forward looking thoughts and a list of ways in which executives can improve IT risk management.
Their basic premise is that effective IT governance essential in times of high change and increasing complexity (of systems as well as of business/problems). They discuss 4As - availability of systems, access to systems and data, accuracy or data and results, and agility in terms of ease of change - as being the framework for risk management. These 4As are supported by a foundation, a risk management process and a risk aware culture. The framework and the disciplines mostly work well for the authors, only occasionally becoming confusing to the reader. From my perspective I found the focus on agility very interesting as possible changes to systems should be considered along with general IT effectiveness when managing risk. Also, while the foundation is lower level than I usually consider, I think the objectives for the foundation can all be met more easily by and organization that has adopted enterprise decision management - the approach discussed in Smart Enough Systems: How to Deliver Competitive Advantage by Automating Hidden Decisions. It can make it easier to assess risk, easier to maintain systems, easier to change and fix them. It can also make it easier to apply risk assessments in operational systems by calling out the decisions that must be made, which is where risk assessment matters.
Fixing the foundation is described as a journey and I really liked the focus on incremental improvement. The foundation is a problem as most companies developed their IT infrastructure in stages. However, a poor foundation undermines agility by degrading the business/IT relationship and by making change to existing systems, to meet changing business needs, hard. While I think there are other ways to add agility into existing systems, I do agree with their assertion that you need to change and replace foundation to some extent. They make some fairly good suggestions for broad steps you can take and show the kinds of payoffs that come from the capabilities you enable with a better infrastructure. The authors make a critical point when they show how change in infrastructure is IT change while change in applications is business change but most IT departments don't see the difference - they see it all as "system" change making it harder to manage than necessary. Again, a focus on separate automation and management of decisions can help clarify this difference. There is a fair amount of useful discussion in the book about the need for both local and central management to which I would add one more category - where do decisions live in your organization? Should they be managed locally or centrally? The book outlines both incremental and "big bang" approaches to fixing the foundation and notes that incremental change is slower but surer. The discussion of how legacy application modernization might be business value based or risk based (human resources or technology risk for instance) or both (such as a need to change to support a new business strategy) was well done. I also really liked their idea of a renewal and reinvestment budget to keep legacy modernization ongoing and they had some great stories about human resources risk coming from retirements and the need to get knowledge out of people's heads and into systems.
The section on a risk governance process was thorough, although I think you need to be careful not to implement all of it blindly, and I liked the focus on broad risk awareness - not "risk-averse" or "risk-pro" just "risk-aware". To support this idea, IT needs to build systems in a risk-aware way - they need to drive their use of technologies and languages, consider the consequences of a failure to update documentation or code and so on. It occurred to me while reading these sections that organizations considering a policy manual for this stuff should also consider the value of rules and decision management as a basis for a "policy engine". They had a particularly nice example of a mid-sized company finding its legacy applications, and the lack of agility in them, to be a key risk and investing in replacing and upgrading systems to make maintenance and evolution easier and less risky. This kind of agility improvement is something enhanced by a parallel focus on decision management.
The book was a fairly quick read, had lots of useful suggestions and some good ways to think about the problem. If you think IT risk matters, you should read this.
书籍真实打分
故事情节:4分
人物塑造:5分
主题深度:4分
文字风格:9分
语言运用:7分
文笔流畅:6分
思想传递:8分
知识深度:9分
知识广度:4分
实用性:5分
章节划分:4分
结构布局:4分
新颖与独特:7分
情感共鸣:9分
引人入胜:9分
现实相关:6分
沉浸感:7分
事实准确性:9分
文化贡献:7分
网站评分
书籍多样性:9分
书籍信息完全性:5分
网站更新速度:7分
使用便利性:4分
书籍清晰度:5分
书籍格式兼容性:9分
是否包含广告:5分
加载速度:7分
安全性:9分
稳定性:9分
搜索功能:8分
下载便捷性:6分
下载点评
- 赚了(209+)
- 无广告(109+)
- 无盗版(447+)
- 章节完整(125+)
- 差评少(302+)
- 小说多(626+)
下载评价
网友 家***丝:好6666666
网友 居***南:请问,能在线转换格式吗?
网友 苍***如:什么格式都有的呀。
网友 师***怡:说的好不如用的好,真心很好。越来越完美
网友 石***烟:还可以吧,毕竟也是要成本的,付费应该的,更何况下载速度还挺快的
网友 焦***山:不错。。。。。
网友 索***宸:书的质量很好。资源多
网友 薛***玉:就是我想要的!!!
网友 冷***洁:不错,用着很方便
网友 堵***格:OK,还可以
网友 后***之:强烈推荐!无论下载速度还是书籍内容都没话说 真的很良心!
网友 融***华:下载速度还可以
网友 步***青:。。。。。好
网友 敖***菡:是个好网站,很便捷
网友 游***钰:用了才知道好用,推荐!太好用了