Growth vs. risk: How CIOs can determine their firm’s comfort zone

Read Part 1: How CIOs can strike the balance

Read Part 2: Maintaining the core in your organization

Risk is the elephant in the room in many IT discussions. CIOs managing a complex portfolio of core and growth projects need to factor risk into their decisions as well. A key input to your risk evaluation is your organization’s risk appetite. Your understanding of risk will help you provide thoughtful guidance to your organization and project managers.

Cloud services (e.g. Software as a Service), as an example, present new risks. “In some cases, organizations cannot customize Cloud solutions to mirror their current processes as they might have with their legacy on-premise solutions,” commented Michael Klubal, partner at KPMG Canada, in an interview. Lack of customization poses risks of disrupting key business services and staff frustration with IT.

Use these three questions to determine the risk appetite of your organization’s senior leadership.

  1. Observe Risk Discussions

When risk comes up in discussions, do you notice an immediate increase in tension and stress? Or do you see a disciplined approach to thinking through risk and implementing strategies to address it?

If risk discussions tend to cause panic and uncertainty, your organization probably has a low appetite for risk.

  1. Risk Management Function/Department

Does your organization have a formal risk management department or professional on staff? The lack of a dedicated risk function may indicate your organization has limited risk concerns.

  1. Industry Leader or Industry Follower

Finally, does your organization see itself as an industry leader seeking to push the envelope or does it follow the lead of other organizations? Industry leaders are typically the first to launch new product categories, enter new markets and implement other ideas. Embarking on new ideas means accepting a higher probability of failure.

If you consider your organization to be an industry follower, you will be constrained in your ability to push for high risk projects.

Taken together, these three points provide a reasonable proxy for an organization’s risk appetite. For additional context, you can ask similar questions about your IT organization. Once you gather all the risk information, the CIO has to make a leadership decision on whether to go with the flow of the organization or lead in a new direction.

Deciding and managing the blend of growth and core IT projects is a core responsibility for CIOs. By adopting an “asset mix” philosophy to your projects, you can sustain your organization’s commitment to R&D in lean times. The asset mix will also ensure you give resources to the core, even when it appears to functioning smoothly.

Learn more from Bruce Hapham by visiting

photo credit: via photopin cc

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Bruce Harpham
Bruce Harpham
Bruce Harpham writes about project management training at Project Management Hacks. His experience includes leading cost reduction and process improvement projects in the financial industry. Sponsors make or break IT project success. Learn how to build an effective project sponsor relationship with our new report. Go to Project Management Hacks to receive the latest articles.

Featured Article

ADaPT connects employers with highly skilled young workers

Help wanted. That’s what many tech companies across Canada are saying, and research shows that as the demand for skilled workers...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now