Compliance In IT: Sealing The Risk Gap
Organisations today cannot leave IT security to chance, and wait for a breach or attack to occur and then take remedial measures.
How Do SMEs Tackle Compliance Challenges in IT?
SMEs must take the following best practices into consideration while forming a governance model.
IMHO, I would classify risk management as “very subjective”.
Consider a website development project that has been funded, and is estimated to take 100 man hours (approx 13 man-days) and has a team of 3 people working on it – a project manager and 2 developers (approx 5-6 man-days per person).
* Now it’s upto the project manager to ensure there is no financial/expense risk by bidding high enough
* Ensure there’s no time risk by padding the delivery timeline quote adequately. Also in the event there is an illness, power outage, etc
* There has to be a time buffer. There have to be measures like maybe a UPS or medication (maybe flu medication if flu season is around)
Sometimes its possible one team member is suddenly not able to perform – job change, accident, death – anything. The project manager is responsible to ensure this capacity is filled and the limitation (maybe training of the new entree) here is overcome. Overall, a good risk management policy is one that helps reduce the focus on risk from 80% to 20%.
If you keep good power backup, additional on-call employees, medication on hand, your risk to manpower loss is limited – and you spend less time trying to wrap up that end of the spectrum. Likewise if you have bid high enough to cover your expenses you have less trouble there – and you dont need to either be in a hurry or re-quote or otherwise risk your reputation on deliverability.
I dont think it’s possible to eliminate risk 100%. I figure a re-iterative 80-20 process (just like we use for quality management in 6 sigma) would be the most functional and effective.
But then again – to each their own. This is MY belief and methodology. If you find this of use and wish to publish or write about it feel free; I’m happy to elaborate more and provide much more detail; I would just like to know where it is and have my name mentioned on it in a wee corner.
You are only as credible as your online reputation. In fact if your online reputation is bad, you may have trouble getting your personal/company website, your blog or anything positive related to you – appearing on search engines.
This goes way beyond SEO and SEM. This is creating history. If history created around your name was bad, negative, otherwise just “non-positve” – you will not appear in search results. Your site may not be indexed (because if Google links you to something bad it must be true) – it can just get worse and worse!
Fortunately there’s a fix, a cure – and even methods of preventing this in the future!! One of my friends just had this issue… 2 years ago. A really crooked and bitter ex-employee put up a horribly negative reputation, and its been difficult to get his website to appear easily on Google. Difficult to find clients who trust him, and hard to retain current clients and employees.
The fix was relatively painless, and in just 6 months the negative reputation vanished; replaced by positivity – and he had more clients than ever!!