How have you integrated your organization’s risk appetite into your data and analytics risk management framework? Who is responsible for assessing if a given data/analytics initiative falls within the organization’s risk appetite?

60 views3 Comments
Sort By:
Oldest
Sr. Director, GenAI Program Management in Healthcare and Biotech3 months ago
The integration of our organization's risk appetite into our data and analytics risk management framework is primarily overseen by the Risk Review Board and the Technology Review Board. This group includes a cross-section of security, general counsel, and enterprise architects. Their role is to ensure that new solutions do not adversely affect other systems or operations. We engage in detailed discussions at the use case level, as different use cases carry varying degrees of risk.

For example, initiatives involving healthcare information and outcomes are considered high-risk due to their potential impact on patient care. These require extensive due diligence to ensure they align with our mission of improving healthcare outcomes. On the other hand, projects focused on operational efficiencies, which do not involve sensitive healthcare information, allow for a more tolerant approach towards data risks. These distinctions help us categorize projects into appropriate “swim lanes,” allowing us to manage them at a pace suited to their risk profile.

Head of Data & Analytics3 months ago
Reflecting on the different approaches discussed, it's evident that there is a spectrum of risk management maturity across organizations. Some are in the early stages, where processes might still be informal and reactive, while others have established sophisticated risk councils and technical review processes. The key is the partnership between data leaders and other organizational units like CSIO teams, legal departments, and information security. These collaborations are crucial in developing and refining risk management processes. Even if an organization isn't perfect, as a data leader, you need to have a clear goal and work towards it collaboratively. This ongoing dialogue about risk mitigation and management maturity is vital for continuous improvement in data governance.
lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Chief Technology Officer in Software3 months ago
Our approach is somewhat different. While we do not have a formal framework like Jason described, we maintain a master document that outlines our data and analytics practices. This document is transparent and accessible to all stakeholders, ensuring that everyone is informed of potential changes and the rationale behind them. We review this document periodically and make incremental adjustments in response to new situations and use cases. This evolving document serves as a foundational tool in managing our data-related risks, albeit in a more rudimentary way.

Content you might like

Do you prefer learning using audio or video content?

Training & CertificationPersonal DevelopmentEmployee Engagement

Audio19%

Video70%

No preference8%

It depends (please explain in the comments)1%

View Results
3.7k views2 Comments

If you have had a negative experience with a vendor (without naming the vendor), what did you learn from it?

Financial ManagementVendor Management
VP of Global IT and Cybersecurity in Manufacturing6 years ago
Have clear business requirements up front, make sure the proposal includes items such as scope, timeline, cost, resources.
Read More Comments
22.1k views3 Upvotes28 Comments

Any recommendations for a comprehensive GenAI learning platform?

EngineeringData & AnalyticsSecurity Strategy & Roadmap+4 more
IT Manager in Constructiona month ago
Hello,
the topic is so broad, what are you focused on?
Read More Comments
4.8k views2 Upvotes5 Comments

How will your team's headcount change in 2020?

Talent Management & PerformanceFinancial Management

Increase47%

Stay Flat45%

Decrease6%

View Results
2.5k views4 Upvotes

Hello -   We have several BI tools in our data & analytics ecosystem , some of which we are trying to rationalize. However, we are likely to have at least 2 BI reporting tools used broadly across the enterprise (Tableau, Power BI, potentially MicroStrategy), with interoperability with the same data layer (Databricks). In am interested in learning about the topics below:    1. What decisioning criteria should one use to guide a end user to a tool vs the other?    2. What are the pros/cons of allowing users or teams to self select the reporting tool?  Thank you

Business IntelligenceDashboards & VisualizationData Management
10 views