What is the value, to a
customer, of software tools that help reduce risk? This is often difficult to uncover and
convey, but the good news is that organizations need to manage and reduce
risk. Interestingly, the higher the
level of the job title, the more clearly this is understood.
Software that helps to manage
and reduce risk is often equated to buying insurance – we’d rather pay a small
amount each year to make sure we are protected against accidents, malicious
acts and natural disasters rather than risking the full cost of replacement or
repair of our house, car, or our health.
Typical business risks include, along with the costs:
-
Risk of data
breach: costs of suits and damage to
corporate image
-
Risk of
non-compliance: fines, additional audits
(often costly), possible damage to corporate image
-
Risk of natural or
man-made disaster: lost records
(compliance risks), loss of productivity, costs of rework
-
Risk of human
resources or customer interaction errors (another form of non-compliance,
really): costs of suits and damage to
corporate image
-
Risk of project
failure or delay: loss of investment
and/or rework costs, possible suits
One simple way (a good starting
point) to assign a value to these risks is to research what has happened to
other, similar organizations to your customer and use those specific fines and
costs as real-world examples. I did a
quick Google search using “cost of data breach” and found the following:
1.
“The risk and cost of a
data breach continue to grow. The recent Ponemon Institute Cost of a Data
Breach study found the average cost of a data breach to be $5.5 million with
average cost per compromised record more than $194.”
Other thoughts on this?
2 comments:
nice..
Risk is part of Governance, Risk, and Compliance. GRC has board scrutiny; it is guaranteed to ring many bells with an executive attending a demo. Obviously, of no interest to an IT technician.
Post a Comment