Innovation is the lifeblood of virtually any organization. Do it well, and you can take advantage of new business models, enhance customer experiences or streamline processes. This is why 94 percent of chief information officers (CIOs) will spend up to 50 percent of their time on innovation. But beware, not all innovation yields positive results. By reimagining processes and systems, one can introduce new risk and cost, which can materially affect the business over both the short and long term: the law of unintended consequences. Here are some top tips on how to balance innovation and risk from those who have succeeded.

Start with a systems-thinking approach

In many organizations, the primary purchasing power has moved away from the IT department and to the business units as centralized IT budgets were cut over the years. This can lead to decisions where the objectives of a given project may be inadvertently narrow and misaligned with overall corporate plans. One of the primary reasons why so many high-profile digital transformations fail is because they are not hard-wired into business strategy and to business value. A better approach to minimize the downstream risk of rework? Develop a holistic and integrated picture early on by ensuring alignment between IT and business unit heads and placing specific projects into the context of the organization’s overall goals.

Implement a flexible DevOps strategy

While only one in 10 organizations currently have no plans to implement DevOps due to the obvious benefits of delivering applications more rapidly — according to Forrester Research — the path forward to this desired end state isn’t always clear. Integrating a single, unified DevOps framework that both developers and testers can use is particularly difficult. Instead of a rigid platform, employ an integrated toolchain to deliver fully automated testing and continuous quality, and  identify life-cycle management capabilities specifically developed to suit lean, agile and DevOps-focused teams that can operate at enterprise, team and individual levels. Soon, there will be releases several times a day without the worry of things breaking down when additional teams are pulled into the mix.

Modernize core business systems

In most organizations, some core systems have been in place for many years, which generally have additional IP and processes built around them to add more value. Making dramatic adjustments to them can result in degrading return on investment, as well as risk that can manifest itself in the form of downtime, outages, security threats and poor interactions with customers. While it may be tempting to start over with fresh-off-the-shelf technology as part of an innovation strategy, in many cases a safer move is to build out from a known and established position. The strategy, often called IT modernization, allows organizations to extend current investments with software that bridges the old and the new.

Don’t forget security, risk and governance

Innovation often requires a mindset that prioritizes breaking things apart — out-of-the-box thinking, as it’s commonly described. While this may be a tried-and-true approach, one also has to take measures to ensure that an organization’s most important assets — identities, applications and data — aren’t compromised in an effort to be creative. Some reasons for this are obvious: The bad guys never sleep. 33 percent of CIOs reported a major cyber attack in the two years before April 2018. Other reasons may be less obvious, but carry risks that are just as significant. For example, evolving privacy regulations such as the General Data Protection Regulation (GDPR), and interpretations of those requirements, mean that organizations sometimes have to hit a moving target. Be sure you build flexibility into your security, risk and governance strategies, and incorporate a checks-and-balances process into all innovation initiatives to help manage both the top and bottom line concurrently.