- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
CIO risk-taking 101: Playing it safe isn’t safe
To illustrate, some examples:
Applications portfolio rationalization: The most fundamental guiding principle of technical architecture management is to fill each required service exactly once. If your applications portfolio isn’t rationalized — that is, if it includes multiple, functionally overlapping capabilities — that creates a need for a geometrically expanding collection of synchronizations, along with a bunch of other vulnerabilities.
An unrationalized application portfolio, and for that matter poor rationalization of the other architecture layers, creates, in a word, “risks.”
Rationalizing the applications portfolio reduces the odds of these risks being realized. In risk management terms it “prevents” (aka avoids) them.
Identity management: Modern security architectures include tools for managing identity — for authenticating staff, assigning them to roles, and assigning rights, privileges, and restrictions to those roles, not to the individuals who fulfill them. Manage identity poorly and the wrong people will be in a position to do the wrong things.
Instituting sturdy identity management practices reduces the odds of a variety of risks becoming real — and also reduces the damage should a risk become real in spite of the organization’s preventive measures.
