Information Technology has changed the financial and other industries. The power dynamics between financial institutions and their customers has shifted, and having a sound technology risk strategy is more important than ever.

This site contains articles and links about the intersection of Strategy, Technology, Operational and Risk Management, particularly in banking and financial services.

In particular, the major categories of Strategic Technology Risk are covered as in the red blocks in the diagram below

The major sets of risks are:

1. Strategic Technology Positioning Risks: or the risk(s) that the target technology ‘position’ chosen by the board fails to support the firm’s business strategies.
   In short, the technology choices made by the board and management are not ‘fit for stratgeic purpose’.
2. Strategic Technology Execution Risks: or the risk(s) that the programs to execute the technology strategy fail to achieve the target technology ‘position’ chosen by the board.
   In short, the major technology programs  needed to achieve the technology strategy are not managed properly.
3. Strategic Technology Governance Risks: or the risk(s) that the board and management do not put in place the governance processes to: (a) develop a technology strategy that will achieve its strategic objectives; and (b) govern the programs needed to execute the technology strategy chosen by the board.
   In short, the proper policies, processes and management structures are not in place to develop and execute the technology strategy.
4. Strategic Technology Operations Risks: or the risk(s) that the board and management do not put in place the governance processes and necessary resources to operate the target technology model that is needed to support the technology strategy chosen by the board.
   In short, the management structures and operational resources are not in place to operate the technology model arising out of the technology strategy.
5. Operational Risks involving Technology:or the risk(s) that the board and management do not put in place the governance processes and necessary resources to mange the risks that arise from the technology strategy chosen by the board .
   In short, the operational risks that arise from running a sophisticated technology model, such as cyber-risks and privacy risks.