Digital risk is becoming one of the fastest-growing, most wide-spread risks in any organization. Not to be confused with “cyber risk”, Gartner defines “digital risk” as ‘the set of risks inherent in digital products, services, and supporting processes.’ When organizations do not effectively manage their data, they put themselves at risk of making mistakes, losing confidence among key stakeholders, or worse. In a previous blog post, we described how an effective data management strategy can serve as a type of risk management strategy. Consider this example from the real world: a recent potential subscriber asked us, “Would your software system help ensure our organization does not demolish a house that does not belong to us?”
Imagine the risk implied in such a question. If the organization demolished a house they don’t own because of a simple mistake, or because the authorization workflow did not have fail-safe decision points, the likely repercussions might include:
- Causing someone to become homeless
- Having to pay the cost to replace the home
- Suffering significant public embarrassment when the story reaches the local news
- Getting sued by the homeowner
- And almost certainly, somebody’s getting fired.
A new market research study produced by AuditBoard titled “Digital Risk Maturity Report 2022: Turning Digital Risk into Your Competitive Advantage” found that the majority of organizations surveyed (63%) had data risk management strategies that are in their early inception, if they had one in place at all. Equally alarming, nearly 80% of respondents assigned digital risk management as part of an IT or security policy framework. This means it is assigned to someone outside the operational group.
Managing data risk is a responsibility shared by everyone who touches data. That means it’s not an external responsibility; it’s an operational responsibility. Loss of data, poor use of data, mismanagement of data, and poor data integrity or quality pose potentially significant operational, financial, and reputational risks.
How Data Management Can Improve Your Risk Management
- Users can’t delete data. They can archive it or make it inactive, which is very different.
- Users’ permissions to access and edit data are based on a least-access required/least-access provided framework.
- Only some users have administrator rights to modify configurations or change data elements. This enforces data standardization- an apple is an apple, no matter what.
- The built-in workflows support both system and user actions. Decisions are assigned to the right entity at the right time, so if a key decision needs to be made, it is not left to chance.
- Modules have audit histories for key records. If someone makes a mistake, the organization can determine accountability (who, what, when), and who has the ability to fix it.
“Automating a risk management program using technology — e.g., software-as-a-service solutions, robotics process automation (RPA), and advanced analytics solutions — can create efficiencies and lead to more effective risk management practices and assurance activities.”
– AuditBoard Digital Risk report
There is much more we could say about this, but the main point is, good software protects users from mistakes and anticipates data risk through good design. When organizations do not have a data management system, they are taking on a lot more risk than they should. Using property data management software such as ePropertyPlus allows you to track where your projects are at any point in time and head off problems before they spiral out of your control.
If you are interested in learning more about how we approach data management and risk, let’s talk. As the research shows, if your organization does not have a data risk management strategy, you are not alone. In fact, you are typical. Let’s see if we can make you exceptional.