What is Digital Risk Management?



Digital Risk Management (DRM) is the next evolution in enterprise risk and security for organizations that increasingly rely on digital processes to run their business.

A Business Issue

Digital risk is risk associated with digital business processes. Digital risk is a business issue, not just a technology issue. Industry leaders are finding that digital risk management needs to be owned by the C-suite rather than by IT.

Quantification of Digital Risk

DRM defines a foundation for managing digital risk across various business functions (line-of-business, IT, security), by relying on the quantification of the business impact of digital risk.

Business-Defined Risk Balance

DRM enables business executives and their organizations to understand the digital risk profile of their operations from a business perspective and equip them with knowledge and a decision-making framework that allows them to balance the need to protect their organization with the need to run the business.

Digital Resiliency

The ultimate objective of digital risk management is to build digital resiliency, where an organization’s systems and operations are designed to detect digital threats and respond to events to minimize business disruption and financial losses.

Digital Risk Officer

The role of a Digital Risk Officer (DRO) is emerging in forward-thinking organizations. DROs will require a mix of business acumen and understanding with sufficient technical knowledge to assess and make recommendations for appropriately addressing digital business risk.

Best Practices

One of the main goals of the Institute is to develop a set of best practices for existing and prospective DROs and their respective organizations.
Discover them >