Leading IT enterprises are migrating to all sorts of service-based digital business technologies, such as cloud, social media, Internet of Things (IoT), mobile, and xaaS. For many organizations there are financial unknowns and risks in migrating to the use of these types of digital business services.\nAs IT is becoming a services broker (rather than asset owner), we are seeing a large gap in managing digital business service risk\u00a0\u2014\u00a0a lack of risk identification, assessment, and management. What is needed is a new risk approach that extends typical IT risk management from considering IT-owned assets to including IT services.\nWhy?\nWe see that digital business service risks are different that traditional IT project risks:\n Peter Brooks \/ International Institute of IT Economics \nDigital business project risks\n\nThe new approach to risk management is aligned with the IT portfolio and project financial management shift to a total cost of service (TCS) concept rather total cost of ownership (TCO). We call this new approach to IT service broker risk management: the total cost of service\u2013risk management (TCS-R). The TCS-R is the identification, assessment, visualization, and management of an organization's service-based systems and project portfolio.\nAs an IT services broker, what risks should you be looking at?\u00a0Across IT service portfolios we see three major categories: business risk, enterprise risk, and IT service (delivery and support) risk. Many of these risks, particularly business and enterprise risks, are new for CIOs and others expanded from their traditional scope.\u00a0 The following are types of IT-as-a-service-broker \u2014\u00a0TCS \u2014\u00a0risks:\n\ncompliance\ncyber and network security\nenterprise Financial\nfraud\nintellectual property\nlegal\nprivacy\nreputational\ntechnology\nadoption\nmarket readiness\nmaterial business impact\n\nFrom a financial perspective, the result is that digital business services risks cannot simply be managed by the traditional expected value approach of creating one number that is the sum of the outcome expected costs and benefits times their probabilities. A new approach \u2014\u00a0the TCS-R\u00a0\u2014\u00a0is needed.\nThe next blog post in this risk series will describe TCS-R in more detail.