Like any investment, risk must be taken into consideration. Generally, the higher the risk, the higher the corresponding returns. Determining the risk factor for your IT investment serves three critical purposes. First, it provides a sanity check of the overall investment. If there is very high risk and very little value generated by that risk, the investment should be rethought or scrapped.
Second, it helps ensure the investment fits into your overall IT strategy. Too many high-risk projects spells potential disaster. Consistent spending on extremely safe projects might leave the door open to competitors. Finally, being forced to quantify risk helps identify potential pitfalls, and develop appropriate countermeasures.
Completing these four steps in concert with the rest of your organization helps develop agreement around what a particular IT investment should accomplish, how its progress can be measured, and what the value to the business should be. Understanding the risk of the investment ensures it fits in with the overall IT and corporate strategy and improves the understanding of potential pitfalls.
When the value of the project is presented in concert with its risk profile, IT spending is no longer a game of fuzzy math or a list of immeasurable benefits and assurances from the CIO to just trust us on this one. This aligns IT with other corporate investment decisions, where ROI is rarely predictable and intangibles must also have some representative value.
Patrick Gray is the founder and president of Prevoyance Group, located in Harrison, NY. Prevoyance Group provides strategic IT consulting services. Past clients include Gillette, Pitney Bowes, OfficeMax and several other Fortune 500 and 1000 companies. Patrick can be reached at email@example.com.