General objective of this article paper is to discuss and analysis on IT Risk Management Strategy. The actual IT scope has evolved from just being hardware, networks and storage of information to include a company’s operations by data storage to administrative tasks and everything in between. An organisation’s dependence into it has increased the risk. This risk occurs in almost every business and data has become the new gold for organisations. Possession or a lack of it can make or maybe break a company and has to be major setback.