After sharing insights into how enterprise architecture can create increased value, align Business and IT, and enable Agile teams to go faster, let’s explore another topic that our thought leaders discussed on our recent webinar entitled, “Modernizing the Role of Enterprise Architecture in the Age of Digital Disruption.” Executive Strategic Advisor John Varicchio, KPMG Enterprise Architecture Leader Roland Woldt, and MEGA’s own Chief Strategy Officer Dan Hebda, closed out their conversation with a robust discussion on how enterprise architecture helps companies to manage risk.
Healthy friction: staying-in-business vs. out-of-trouble
Roland starts the conversation with, “There’s a big disconnect between the risk organization and the Business. One group has the idea to keep the organization out-of-trouble while the other group has more of a focus of staying-in-business and that’s an inherent conflict.”
Dan adds, “I like the notion of separation with stay out-of-trouble versus stay-in-business, which is Gartner’s integrated risk management model. The risk practice has moved from exclusively focusing on staying out-of-trouble to also participating in the stay-in-business side and that’s where you see a smart, strong interaction between risk and enterprise architecture. Obviously, enterprise architecture, is very focused on staying-in-business.
Further, he adds, “When we speak to moving enterprise architecture towards influential, here's an opportunity for those who may be stuck in noisy, or maybe they’re trying to build some trust from useful, that they can look to establish context. Using architectures, process, and technology can give context to risk and help the Business to generally understand what the effect is on a particular risk and whether or not the proposed mitigations would actually have the effects that we anticipate.”
Disconnected sources create gaps in many Governance Risk and Compliance tools
Roland responds, “When I look at GRC (Governance Risk and Compliance) tools, they’re typically some database-driven tools, good looking but not very intuitive, and the one thing that we notice is that users really like to have a process. I see a lot of clients frustrated because they have disconnected sources using multiple policy and risk tools that are not integrated. They need a centered tool in their overall tool stack that allows them to create the inter-connected visualization. This is where I see a gap in many GRC tools.”
Enterprise Architecture tools can create contextualization and allow companies to connect their data, process, and technology to identify, prioritize and mitigate risks. Companies that use MEGA’s Integrated Risk Management solution get a 360-degree view of risks and business operations. Understanding context allows a company to better qualify and quantify the impact of risks and prioritize mitigation strategies.
Enterprise architecture allows you to accelerate around the bend
Closing out this topic, John reiterates that, “Enterprise architecture can provide the guidance and guardrails to make the organization to go faster. Why does a car have brakes? Because it allows you to go faster,” John concludes. “It keeps us out of the ditches and allows us to go fast and accelerate at the bend.”
For additional insights, please view our short videos on how to move your Enterprise Architecture efforts from noisy to influential.