Whenever I talk about information governance risk is on the tip of my tongue as one of the two functions of information governance is reducing risk of indictment. The reality is that risk is not a bad thing. The best types of risks are intelligent risks. Chapter six in “the start-up of you” deals with taking intelligent risks.
Risk is a permanent part of life. Whenever there is competition people take risks. Because most businesses seek a competitive advantage they will take risks. Some aspects of risk may be clear to us in information governance that is not clear to business users, such as over retaining information. Another area of risk that has many unknowns is migrating from one cloud service provider to another.
Whenever your users want to implement a new technology, such as social media, there is risk involved. Our role is to manage and assess risk. The following are tips from the authors on managing and assessing risks:
- Do not overrate risk
- Is the worst-case scenario tolerable or intolerable?
- Can you change or reverse the decision midway through? Is Plan B doable?
- Don’t conflate uncertainty with risk, there is no such thing as 100% certainty.
- Consider age and stage. What will the risks be to you in a few years?
There is no such thing as avoiding risks. The company that avoids risks is the last one that makes the transition to email. The authors state in this chapter, “Pretending you can avoid risk causes you to miss opportunity that can change your life…the only long-term answer to risk is resilience. Remember: if you don’t find risk, risk will find you.”
Consider if risk is why you hesitate to get behind a BYOD policy. Is BYOD an intelligent risk? Look at the bullet list above and apply those tips for managing and assessing the risk involved with implementing a BYOD policy. Most importantly consider how you can apply an attitude of resiliency to areas of technology that you may be resistant to allowing in the enterprise.