The CIO’s Guide to Risk

1st Edition

By Jessica Keyes

Auerbach Publications

212 pages | 40 B/W Illus.

Hardback: 9781138090361
pub: 2017-11-16
eBook (VitalSource): 9781315108674
pub: 2017-11-22


In an age of globalization, widely distributed systems, and rapidly advancing technological change, IT professionals and their managers must understand that risk is ever present. The key to project success is to identify risk and subsequently deal with it.

The CIO’s Guide to Risk addresses the many faces of risk, whether in systems development, the adoption of bleeding-edge tech, the push for innovation, or even the march toward all things social media. Risk management planning, risk identification, qualitative and quantitative risk analysis, contingency planning, and risk monitoring and control are all addressed on a macro as well as micro level.

The book begins with a big-picture view of analyzing technology trends to evaluate risk. It shows how to conceptualize trends, analyze their effect on infrastructure, develop metrics to measure success, and assess risk in adapting new technology. The book takes an in-depth look at project-related risks. It explains the fundamentals of project management and how project management relates to systems development and technology implementation. Techniques for analyzing project risk include brainstorming, the Delphi technique, assumption analysis, and decision analysis. Metrics to track and control project risks include the Balanced Scorecard, project monitoring and reporting, and business and technology metrics. The book also takes an in-depth look at the role of knowledge management and innovation management in identifying, assessing, and managing risk.

The book concludes with an executive’s guide to the legal and privacy issues related to risk management, as well as overviews of risks associated with social media and mobile environments. With its checklists, templates, and worksheets, the book is an indispensable reference on risk and information technology.

Table of Contents

1. Analyzing Technology Trends to Evaluate Risk

Technology Trend Analysis

Conceptualizing Applicability of Emerging Trends

Conceptualizing the Future

Effect on Infrastructure

Delivering Information

Metrics for Measuring Success

Risk Assessment

Risk Evaluation

Risk Management Strategy

2. Information Technology Project Risk

The Proactive Risk Strategy

Risk Management

Sample Risk Plan

Risk Avoidance

Introduction to Quantitative Risk Analysis

Risk Checklists

3. Risk Analysis Techniques

What Is Risk?

Risk Management Planning Tools

Risk Impact

Risk Monitoring and Control

4. Auditing Knowledge Management to Reduce Risk


Audit Questions

An Audit Plan

Risk and Knowledge Management

Linking Knowledge Management to Business Performance

5. Innovation Management to Reduce Risk

Encouraging Innovation

The Research and Development (R&D) Process

Measuring Innovation

The Six Steps to Increasing Creativity

Rewarding Employees for Innovative Ideas

6. Performance Measurement and Management for Reduced Risk

Adopting the Balanced Scorecard

Attributes of Successful Project Management Measurement


Measuring Project Portfolio Management

Project Management Process Maturity Model (PM)² and Collaboration

7. Information Technology Project Tracking and Control

Things Change

Budget Monitoring

Project Reporting

Project Metrics

Business Metrics

Technology Metrics

Risk Metrics

Methods for Assessment

Process Improvement

Quality Control

8. Fundamentals of Information Technology Project Management

Why Project Planning

Project Management and the Systems Development Life Cycle

The Project Manager


The Project Team

Project Management Office

Balanced Scorecard

The Portfolio Perspective

Project Management Methodologies

9. Project Critical Success Factors

Just What’s Critical to Project Success

The Right People

Technological Issues

Effective Communications

The Proper Utilization of Standards


Being Political



10. Legal, Privacy, and Security Risk

Website Legal Issues




Computer Fraud and Abuse Act

Corporate Content

Developing Your ePolicy

Security Issues

Web Server Security

Protecting Mobile Devices

11. Assessment and Mitigation of Risks in a Bring Your Own Device (BYOD) Environment

A Process for Controlling Risk in a Bring Your Own Device (BYOD) Environment

Recommendations for Mitigating the Identified Vulnerabilities

12. Social Media Risk

Compliance Risk Management Expectations for Social Media

Risk Areas

Operational Risk

About the Author

Jessica Keyes is president of New Art Technologies, Inc., a high-technology and management consultancy and development firm started in New York in 1989.

Keyes has given seminars for such prestigious universities as Carnegie Mellon, Boston University, University of Illinois, James Madison University, and San Francisco State University. She is a frequent keynote speaker on the topics of competitive strategy, and productivity and quality. She is a former adviser for DataPro, McGraw-Hill’s computer research arm, as well as a member of the Sprint Business Council. Keyes is also a founding member of the board of directors of the New York Software Industry Association. She completed a two-year term on the Mayor of New York City’s Small Business Advisory Council. She currently facilitates doctoral and other courses for the University of Phoenix and is a member of the Faculty Council for the College of Information Systems & Technology.

Prior to founding New Art, Keyes was managing director of R&D for the New York Stock Exchange and has been an officer with Swiss Bank Co. and Bankers Trust, both in New York City. She holds a Master of Business Administration from New York University, and a doctorate in management.

Subject Categories

BISAC Subject Codes/Headings:
COMPUTERS / Information Technology
COMPUTERS / Software Development & Engineering / General
TECHNOLOGY & ENGINEERING / Engineering (General)