Sure, as a CIO or IT manager, you know what IT risk management is. It’s all about applying risk management principles to IT, including the adoption, ownership, operation and influence of IT within the larger context of the enterprise but in terms of risk management language, are these principles communicated properly across the organisation?
“Here, take my old PC. I’m getting a new one to help meet my advanced needs, but this one will surely do the job for you.” This, in a nutshell, is cascading in IT asset management.
On the face of it, it sounds simple. IT strategy should be driven by business requirements.
Wait a moment, does it actually make sense to talk about shadow IT and sourcing strategy in the same breath?
If you’ve archived backups of data for contractual or regulatory reasons, do you also need to back that data up?
There is some deeper relationship between IT security and the sea that has yet to be fathomed.