Applying Big Data Risk Management
Risk Management:
From a risk management perspective, any effort to improve the management of today’s large reservoirs of data must approach the challenge on both fronts:
-
1. It must mitigate the strategic risks associated with using big data initiatives to boost performance, improve sales and achieve other strategic goals.
2. It must develop ways to use big data to perform the risk, audit and compliance functions more efficiently. In other words, the objective is to both “increase the gain” and “reduce the pain”.
Applying Big Data Risk Management: ‘Noise’ or ‘Signal’
Phase-1: Identify Roles and Responsibilities
The roles of risk, audit and compliance professionals in supporting and developing big data approaches should be clearly defined at the outset. As new strategic, marketing, customer-service, and operational initiative are launched and championed by other groups. It is essential that risk and compliance professionals be engaged in the process of determining if there are issues that require C-suite or board level attention
Phase-2: Define Goals and Priorities
Another critical early step is clearly defining and prioritizing the goals the organization holes to achieve by using big data. As with any high-level function, the definition must be directed at the executive level with general board oversight. But its success ultimately will depend on those who are actually involved in developing the big data approach for input and expertise. These contributors include the potential users of big data -strategies, marketers, researchers and operational managers – as well as the IT team and the risk and compliance professionals.
Phase-3: Assess Critical Data Issues
With goals and priorities established, a closely related activity is assessing the critical data-related issues that are likely to arise as these initiatives are undertaken. These issues may include matters such as privacy concerns, the degree of transparency required for regulatory compliance, existing data silos, necessary firewalls that either exist or most be constructed and existing firewalls that should be removed.
Both the risk management and executive team should be actively involved in this effort – risk management professionals providing hands-on-expertise and counsel and the executive team making sure the issues are being addressed in ways that comply with the organization’s long-term strategies and governing principles.
Phase-4: Identify Key Risk Indicators
As big data initiatives are developed, the critical data issues that were identified upfront will help to inform the risk management team as it identifies key risk indicators to be monitored. The goals are to spot troublesome trends as they start to emerge in the data and to get ahead of the curve before performance problems arise. In this effort, risk management professionals should be particularly alert to the need to play both reactive and proactive roles in managing big data risk. In addition to monitoring and mitigating risks associated with the use of big data in various business functions such as marketing, hiring and product development. They should be alert to opportunities to employ big data proactively as risk managers.
Phase-5: Identify Opportunities to Add Value
In businesses that are inherently data-intensive, it is possible to generate added value in the risk management element by finding new ways to derive meaningful analysis from large quantities of data.