IT Risk
George Westerman

Richard Hunter

Format: Hardcover, 1st ed., 256 pp., $35.00
ISBN: 1422106667
Harvard Business School Publishing, August 2007

IT risk matters more than ever

Consider the following: Failed software implementation at a pharmaceutical manufacturer leads to the company’s bankruptcy. Data theft at CardSystems Solutions prompts the firm’s two largest customers – Visa and Mastercard – to defect. Errors in a tax-credit management system at the U.K. Inland Revenue lead the organization to pay out over £2 billion in erroneous tax credits. Complexity of IT systems impairs a high-tech manufacturer’s ability to buy and sell businesses.

These and other manifestations of IT risk may seem like they can’t happen within your own organization. In IT Risk, George Westerman and Richard Hunter prove otherwise—revealing the dangers of clinging to that assumption.

IT has become increasingly central to business success – but many enterprises haven’t adjusted their processes for IT decision making and risk management. The result? IT-risk incidents carry a much higher price tag than they used to. They harm constituencies within and outside companies. They damage corporate reputations. They expose weaknesses in firms’ management teams. And they rob profits and dampen competitive advantage.

In this timely and authoritative book, the authors define four types of IT risk: availability, access, accuracy, and agility. Citing numerous company examples, they then introduce three disciplines that enterprises must master to manage IT risk effectively:
  • A solid foundation of IT assets, people, and supporting processes and controls that enable executives to manage the right risks in the right order.
  • A well-designed risk governance process – including oversight by high-level executives – that allows companies to identify, prioritize, and track risks.
  • A risk-aware culture, nurtured from the top, that attunes people to the causes and solutions for IT risks and creates increased vigilance across the organization.
This book also offers powerful diagnostic tools to measure your company’s strengths in each core discipline—and help you continuously improve competency and competitive advantage.