Why Doesn’t Risk Management Matter More to IT?

October 30, 2008

I looked through Baseline’s new list of the 50 Most Influential People in Business IT to see how many honorees operated in the realm of governance, risk management, and compliance. I didn’t find many.

Aside from Michael Howard, Microsoft’s senior security program manager, and Howard Schmidt, the former eBay executive who now serves as the U.S. Cyber Security “Czar,” the list contained hardly any references to risk management.

These lists always raise questions – heck, they are intended to – and Baseline’s raises an important one: Why doesn’t risk management rate as valuable as social media, software, and search engines seem to in the business-IT community?

Behind every successful GRC effort I’ve examined, I’ve found an IT executive (or a finance-IT expert) who is pivotal to the program’s success. Why aren’t these folks considered influential?

Any ideas?

(While we’re at it, I’m also curious why our government has grown so fond of a title normally associated with corrupt Russian royalty of past centuries.)