Three Kinds of Business Risk


C.K. Chesterton wrote, “The word ‘good’ has many meanings. For example, if a man were to shoot his mother at a range of five hundred yards, I should call him a good shot, but not necessarily a good man."

“It’s the qualifier ‘necessarily’ that shows Chesterton possessed a truly philosophical mind", write Thomas Cathcart and Daniel Klein, in their book Plato and a Platypus Walk into a Bar (p.81).

Yes indeed.

There’s something so neat-o about making distinctions. Good distinctions don't simply classify -- they illuminate and clarify.

Lev Lesokhin at Forrester in Dallas
Lev at the Forrester Office in Dallas

I was reminded of that during a recent visit to Dallas to spend some time with Forrester analyst Mary Gerush. (That’s my colleague Lev Lesokhin, breaking into an off-the-charts-spinal-tap-volume-11 smile because he’s finally out of the Dallas heat and inside the cool Forrester digs.)

Let’s distinguish three kinds of business risk :

  • Delivery Derailment Risk – risks that add IT cost or stop business revenue due to delayed launch or cancellation.
  • Business Case Risk -- risks that affect the quality of a delivered application; even though the application works, it doesn't work as well as it should.  The number of successful transactions per unit time cannot be completed to fulfill the benefits articulated in the business case.
  • Business Opportunity Risk -- risks that make the application hard to maintain and change in the face of pressing business demand. The resulting loss of agility damages future business revenue.

You lie awake at night worrying about project derailment risk and pay scant attention to the other two.

Watch out!

Filed in: Technical Debt
  This report describes the effects of different industrial factors on  structural quality. Structural quality differed across technologies with COBOL  applications generally having the lowest densities of critical weaknesses,  while JAVA-EE had the highest densities. While structural quality differed  slightly across industry segments, there was almost no effect from whether the  application was in- or outsourced, or whether it was produced on- or off-shore.  Large variations in the densities in critical weaknesses across applications  suggested the major factors in structural quality are more related to  conditions specific to each application. CRASH Report 2020: CAST Research on  the Structural Condition of Critical Applications Report
Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
Making sense of cloud transitions for financial and telecoms firms Cloud  migration 2.0: shifting priorities for application modernization in 2019  Research Report
Load more reviews
Thank you for the review! Your review must be approved first
New code

You've already submitted a review for this item