Many enterprise folks assume that granular processes relating to the definition and launch of an ERP implementation, also suggests that any marginalizations and/or assurances associated with enterprise ‘risk management’ will also be resolved once a system has been spun up.
Unfortunately, while this assertion may appear to be a reasonable premise, in reality this is largely untrue.
There are significant differences between dealing with ‘risk management’ at a technical level, versus ‘risks’ related to how a technology may or may not pose a threat to the enterprise at-large.