Here are some details I got to hear from a session on Leveraging Technology for Risk Management. The talk was a part of NASSCOM tech series and Mr. Vijay from KPMG was an excellent speaker talking about risk management.
As in one of his slides, the fundamentals of risk management are to
Know your risks
Know your Obligations
Know your Systems
Tie them up together and leverage technology for risk management.
He also talked about use cases on risk management and how it was overboard. One quote i recollect is ' What's the point in risk management if the result of analysis is not used!'.
He emphasized how risk management can really help organization in mitigating risk. Steps to initiate risk management would be to start small, merge physical and system access identities, get incidents and slowly respond to them globally, Security should be monitored on global basis.
To conclude on my understanding, many organizations now realize the need for Risk management. To what extent the technology can be leveraged in meeting risk management objectives would depend on the strategic plan and steps initiated to taken in this direction.
