IT Architecture and Risk Management

Seminar paper from the year 2011 in the subject Computer Science - Commercial Information Technology, grade: 1,0, AKAD University of Applied Sciences Stuttgart, course: Enterprise and IT Architecture Management, language: English, abstract: "In the twenty-first century, IT architecture will be the determining factor. The factor that separates the winners from the losers, the successful and the failures, the survivors from the others."

(Zachman, 1996, p. 2)

The author Zachman (1996, p. 7) emphasises in his article the growing significance of IT architecture for modern enterprises. According to Zachman (1996, p. 1) IT architecture aligns business strategy with information technology and enables the achievement of business goals. Therefore, an efficient IT architecture is a key factor for companies which are faced with increasing changing markets and shorter product life cycles. In contrast to that, an estimated 68% of corporate IT projects are neither on time nor on budget and they don¿t deliver the original stated business goals (Jeffery & Leliveld, 2004). Regarding

Fairbanks (2010, p. 8) a major cause for this is an insufficient risk management in the IT architecture development in principle. Therefore many IT architects ask themselves, how they could identify and prioritize their project¿s most pressing risks? Which architecture

and design techniques mitigate the risks and what is the amount of risk reduction?

In order to answer these questions, section 2.1 defines the terms architecture and enterprise architecture before it deals with the IT architecture itself. The following section 2.2 gives an overview of risk and risk management in general. Chapter 3 presents the main chapter of this assignment. At first, it gives a brief overview

of the role of IT risk management in the scope of strategic management. The next two sections illustrate the IT risk management and IT risk management process. In addition to that, section 3.4 describes different instruments for IT risk analysis whereas section 3.5 shows how IT risk management can be implemented in the architecture life cycle. The section 3.6 outlines the regulations which affect IT risk management. Moreover chapter 4 discusses the benefits and limitations of IT risk management. Finally chapter 5 summarizes the basic insights and gives a short perspective.