Earlier I wrote about the Accenture 2009 global risk management study. Even though it focused on business risk the ideas, concepts and findings are relevant to Data Risk Management.

Effective risk management is also a matter of using the information derived from risk assessment and analysis to make better and more timely decisions. In this way risk management becomes more than just a matter of mitigation, compliance and control, as important as those processes may be. 

Risk management can become a proactive, continuous initiative focused on creating value and driving growth, not simply a reactive exercise in protecting value or guarding against failure. By optimizing both risks and rewards, companies with an effective and integrated risk management capability link risk and profitability objectives, improve strategic capital decisions and increase shareholder returns. They better coordinate risk measurement, capital allocation, performance assessment and management across the enterprise.  

Not surprising, SecureSphere Data Security Suite and specifically the DAS product were designed with that approach in mind to provide Risk Management capabilities based on data discovery and classification and vulnerability assessment scoring.