Guide to the TechWeb Network

Intelligent Enterprise

Better Insight for Business Decisions
Intelligent Enterprise - Better Insight for Business Decisions
search Intelligent Enterprise
Advanced Search
RSS
Webcasts
Whitepapers
Subscribe
Home



November 18, 2003

Corporate Governance: The Elusive Balance

Regulatory compliance is now a fact of life for nearly all businesses. The critical question for many organizations has become: How can we prevent this policy focus from unduly hindering the viability of strategic business processes?

by Frank J. Bernhard

Continued from Page 1

Tightrope Walking

Like a gymnast performing on the bar or a circus act balancing on a tightrope, companies must set in motion policies that don't make it impossible to reach strategic objectives. Clarity of mission matters greatly when balancing risk and reward and communicating that balance in terms of policy and corporate governance. When faced with casting policy that governs a wide set of people and practices, organizations should consider the following:

Scope. The actual dimensions of a policy say a lot about the density and size of what is being demanded, and about the organization's ability to handle the extra burden. Too often, policymaking fails to "right size" the protection. However, a policy with too narrow a scope leaves unsafe loopholes that make governance ineffective.

Goal Attainment. The real objective in most policy implementations is not always clear. Setting clear and concise goals of how the policy will achieve a desired outcome is a critical phase of policy process. What will the policy do to achieve objectives for compliance, improvement, or reporting?

Thresholds. Setting tolerances will help guide the productive intent of policy goals by determining a more exact "when" or "where" the rules must change to fit the evolution of an organization. Policies shouldn't break apart at the seams but rather bend to meet goals.

Assign Risk. Measurement is important to get a full sense of the risk mitigated (or imposed) by policy action. Start by delineating milestones for lowering risk outcomes and decide whether these outcome frequencies match your organization's threshold.

Review. Decide now to reexamine the effects of any policy at set time intervals. Seasons change and so does the business environment. Make it a practice to match scope, goals, and thresholds to the assignment of risk on a regular basis.

The CIO's Role

Governance and policy go hand in hand with IT decisions. So, why are so many CIOs left behind in the fray of the decision process when it comes to implementing policy?


Most Popular This Week
Business Process Management 101: The Basics of BPM and How to Choose the Right Suite
Business Intelligence 2.0: Simpler, More Accessible, Inevitable
Gartner BI Summit 2008: The Next Generation of Innovation
Of BI and Baseball: Two Reports Present Vendor and Product Standings

IE Weekly Newsletter
Subscribe to the newsletter
    Email Address







InformationWeek Business Technology Network
InformationWeekInformationWeek 500InformationWeek 500 ConferenceInformationWeek AnalyticsInformationWeek CIO
InformationWeek EventsInformationWeek ReportsInformationWeek MagazinebMightyByte and SwitchDark Reading
Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingNo Jitter
space
Techweb Events Network
InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0 ConferenceMobile Business ExpoSoftware ConferenceCSI - Computer Security Institute
Black HatGTECEnergy CampMashup CampStartup Camp
space
Light Reading Communications Network
Light ReadingLight Reading EuropeUnstrungLight Reading's Cable Digital NewsConstantinopleInternet Evolution
Heavy ReadingLight Reading Live!Light Reading InsiderEthernet ExpoOptical ExpoTeleco TVTower Technology Summit
space
Financial Technology Network
Advanced TradingBank Systems & TechnologyInsurance & TechnologyWall Street & TechnologyAccelerating Wall StreetBank Systems & Technology Executive SummitBuyside Trading SummitInsurance & Technology Executive Summit
space
Microsoft Technology Network
MSDN MagazineTechNetThe Architecture Journal
space