IVI Framework Viewer

Culture and Stakeholder Management

A7

Establish a risk aware culture. Motivate and secure stakeholder support, buy-in, and ownership of key risk management initiatives.

Improvement Planning

Practices-Outcomes-Metrics (POM)

Representative POMs are described for Culture and Stakeholder Management at each level of maturity.

2Basic
  • Practice
    Begin to raise awareness of how risk management activities contribute to the organization's objectives and begin to offer incentives/rewards for achievement of those objectives.
    Outcome
    There is emerging visibility of how risk management activities and the achievement of strategic objectives may be linked.
    Metrics
    • % of employees with awareness of how risk management contributes to strategic objectives.
    • % of employees receiving incentives/rewards.
  • Practice
    Provide senior IT management support for a number of key risk management activities.
    Outcomes
    • There is growing commitment by IT senior management to improving risk management practices.
    • Broader stakeholder buy-in and ownership of risk management activities are emerging as a result of visible managerial sponsorship.
    Metrics
    • % of senior IT management who sponsor risk management initiatives.
    • % of senior business unit management who sponsor risk management initiatives.
    • % of risk management initiatives with adequate sponsorship.
3Intermediate
  • Practice
    Promote a common understanding across most areas of how risk management activities contribute to the achievement of strategic objectives and consistently incentivize achievement of those objectives in those areas.
    Outcomes
    • Awareness of the importance of risk management and acceptable behaviours grow among individual employees.
    • Many employees are better motivated to support the realization of objectives.
    Metrics
    • % of employees with awareness of how risk management contributes to strategic objectives.
    • % of employees receiving incentives/rewards.
  • Practice
    Provide senior IT and business management sponsorship for risk management activities.
    Outcomes
    • Fundamental sponsorship requirements for risk management are in place.
    • Employees in most areas demonstrate strong buy-in, ownership, and commitment to risk management activities, and are motivated to contribute to them.
    Metrics
    • % of senior IT management who sponsor risk management initiatives.
    • % of senior business unit management who sponsor risk management initiatives.
    • % of risk management initiatives with adequate sponsorship.
4Advanced
  • Practice
    Promote organization-wide understanding of how risk management activities contribute to the achievement of strategic objectives, and incentivize achievement of those objectives across the organization.
    Outcome
    Employees across the organization are fully aware of the importance of risk management and are strongly committed to working together to realize objectives.
    Metrics
    • % of employees with awareness of how risk management contributes to strategic objectives.
    • % of employees receiving incentives/rewards.
  • Practice
    Establish organization-wide senior management sponsorship, and empower and encourage desired employee behaviours for risk management.
    Outcomes
    • Employees across the organization demonstrate strong buy-in, ownership, and commitment to risk management activities.
    • The activities are universally recognized as underpinning the success of broader organization-wide activities.
    Metrics
    • % of senior IT management who sponsor risk management initiatives.
    • % of senior business unit management who sponsor risk management initiatives.
    • % of risk management initiatives with adequate sponsorship.
5Optimized
  • Practice
    Proactively collaborate with relevant business ecosystem partners to help realize strategic objectives through undertaking risk management activities.
    Outcome
    Risk management activities are regarded as being part of everyone's job, both within and external to the organization.
    Metric
    % of employees with awareness of how risk management contributes to strategic objectives.
  • Practice
    Encourage formal sponsors to continually review the status of risk management initiatives for further improvement opportunities.
    Outcome
    Senior management is fully engaged in driving risk management activities.
    Metric
    Frequency of review cycle.