Risk management and governance
With today's exponential advances in technology, CIOs, CTOs, CDOs and other IT leaders need critical advice on risk management and governance. Get news, guides and tips about technology-related compliance and data privacy issues, regulatory frameworks, limits on enterprise software development, cyber risk issues, metaverse dangers, cryptocurrency regulation and more.
Top Stories
-
News
23 Apr 2025
DOJ rule aims to block adversaries' access to personal data
The new federal measure could apply to companies beyond data brokers. It stems from an executive order signed by former President Joe Biden. Continue Reading
-
Feature
22 Apr 2025
9 quantum computing challenges IT leaders should know
While the theory of quantum mechanics is complex, the technology might offer practical uses for organizations. Learn about the challenges and opportunities of quantum computing. Continue Reading
-
News
03 Nov 2022
Capital One study cites ML anomaly detection as top use case
The bank itself is making ML a key part of its digital transformation strategy, deploying the technology to locate aberrations, detect fraud and support marketing. Continue Reading
-
Definition
01 Nov 2022
Basel II
Basel II is an international business standard that requires financial institutions to maintain enough cash reserves to cover risks incurred by their operations. Continue Reading
-
News
28 Oct 2022
Whistleblower risk rises with AI policy adoption
Big tech companies aren't the only ones who should worry about repercussions from whistleblowers. CIOs from all industries should be implementing responsible tech policies. Continue Reading
-
News
14 Oct 2022
Sustainable procurement goes mainstream, influences IT buys
ESG considerations add a new dimension to IT purchasing criteria and, more broadly, could bridge the gap between business leaders and IT professionals. Continue Reading
-
News
12 Oct 2022
For climate tech investors, the team behind the tech matters
Climate tech success hinges on the technology's capability, the team behind the tech, and their vision for building a viable business and scaling it. Continue Reading
-
Feature
11 Oct 2022
LinkedIn scams, fake Instagram accounts hit businesses, execs
Even the most secure business and executive social media accounts that have strong passwords and multifactor authentication are vulnerable to cloning schemes. Continue Reading
-
News
07 Oct 2022
Experts torn on impact of antitrust bills passed by House
The three antitrust bills passed by the U.S. House of Representatives would funnel more money to antitrust law enforcers, as well as add to enforcement processes. Continue Reading
-
Definition
07 Oct 2022
sunsetting
Sunsetting is the intentional phasing out or termination of something, and in business, the term is used often regarding brands, partnerships, agreements, policies, and hardware and software. Continue Reading
-
News
23 Sep 2022
Experts highlight trust and safety practices for the metaverse
Creating a safe metaverse experience means bringing all stakeholders to the table, according to experts. Continue Reading
-
Feature
21 Sep 2022
Business-led IT strategy casts shadow IT in more positive light
Traditional shadow IT is giving way to business-led technology deployments that have the IT department's approval. But CIOs must manage the process to avoid problems. Continue Reading
-
Feature
20 Sep 2022
Climate tech vs. clean tech: What's the difference?
Businesses and consumers are becoming more concerned with environmental effects -- and how they can make changes or use clean tech and climate tech to make a difference. Continue Reading
-
News
16 Sep 2022
Companies need data privacy plan before joining metaverse
Experts speaking during ITIF's AR/VR Policy Conference pointed out that businesses need to head into the metaverse with a strong data privacy plan. Continue Reading
-
News
15 Sep 2022
IT services inflation follows broader market trend
CIOs can expect to pay more for consulting and professional services as pricing in the sector continues an upward trend that first surfaced last year. Continue Reading
-
Tip
14 Sep 2022
How to connect cyber-risk and climate risk strategies
Every business faces two global systemic risks: cybersecurity and climate change. Learn how to integrate these two areas of risk management for greater business resilience. Continue Reading
-
Tip
13 Sep 2022
How to become a CISO
The chief information security officer role is growing in profile and importance. Explore six actionable tips for aspiring CISOs as they work toward cybersecurity's top job. Continue Reading
-
News
09 Sep 2022
Amazon's iRobot acquisition raises concerns
Numerous organizations wrote to the Federal Trade Commission Friday, raising data privacy and competition concerns about Amazon's iRobot acquisition. Continue Reading
-
News
09 Sep 2022
Apple, Sephora settlements shine light on data privacy
High-profile lawsuits and the potential for new FTC data privacy rules should be a warning to businesses to ensure that internal data privacy practices are in order. Continue Reading
-
Tip
07 Sep 2022
7 CISO succession planning best practices
Nothing is certain except death, taxes and CISO turnover. Learn how to prepare for the inevitable and future-proof your security program with a succession plan. Continue Reading
-
Definition
07 Sep 2022
privacy compliance
Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or legislation. Continue Reading
-
News
01 Sep 2022
Inflation Reduction Act boosts clean energy incentives
The Inflation Reduction Act increases incentives for clean energy, but there is concern that it doesn't address existing regulatory flaws inhibiting clean energy tech deployment. Continue Reading
-
News
31 Aug 2022
Privacy bill ADPPA to police data sharing, algorithmic bias
The ADPPA passed the U.S. House Committee on Energy and Commerce in July, making it farther than other recently introduced data privacy bills. Continue Reading
-
News
24 Aug 2022
Inflation: Server costs rise, software sells at a premium
Latest PPI data reveals a 3.1% month-over-month uptick for host computers and servers, while storage prices drop slightly and professional services stand pat. Continue Reading
-
News
19 Aug 2022
Experts concerned with FTC exploring data privacy rules
The Federal Trade Commission is considering new data privacy rules that would address business data collection, analysis and profit. Continue Reading
-
News
18 Aug 2022
Talent acquisition a bigger business risk than recession
Talent acquisition and cybersecurity are the two top business risks leaders surveyed by PwC say they face in the current environment. Continue Reading
-
News
18 Aug 2022
MariaDB set to expand geospatial database capabilities
With the purchase of CubeWerx, the database vendor will add geospatial capabilities to its SkySQL database service that will enable satellite imagery analysis in applications. Continue Reading
-
Tip
18 Aug 2022
5 reasons to integrate ESG and cybersecurity
Every business faces global systemic risks, yet most have failed to integrate cybersecurity with ESG programs. Here are five reasons why integration makes good business sense. Continue Reading
-
Feature
11 Aug 2022
The effect of digital transformation on the CIO job
Digitization and digital transformation sound similar, but they couldn't be more different in what they demand from CIOs, explains Genpact's Sanjay Srivastava. Continue Reading
-
News
09 Aug 2022
IT pros weigh COVID-19 risks, safety at tech conferences
Companies preparing to send employees to tech conferences should have a COVID-19 safety plan and prepare for the possibility that some workers will bring the virus back to the office. Continue Reading
-
Tip
05 Aug 2022
5 data security challenges enterprises face today
Data empowers enterprises to succeed. But with great power comes great responsibility -- to keep that data secure. Here are five challenges today's businesses must meet. Continue Reading
-
News
04 Aug 2022
TikTok data privacy issues prompt need for social media plan
Data privacy concerns stemming from data collection practices of social media platforms means corporate leadership should be involved in determining a social media strategy. Continue Reading
-
Definition
04 Aug 2022
data governance policy
A data governance policy is a documented set of guidelines for ensuring that an organization's data and information assets are managed consistently and used properly. Continue Reading
-
News
27 Jul 2022
Regulation needed for AI, technology environmental impact
To implement effective government regulation of technologies like AI and cloud computing, more data on the technologies' environmental impacts is needed. Continue Reading
-
News
21 Jul 2022
Technology costs rise as inflation hits hardware, services
Inflation is affecting the CIO market basket, influencing purchasing. Government data showed a sharp increase in cost for servers, which continue to face supply chain issues. Continue Reading
-
News
07 Jul 2022
EU's new big tech regulations target online advertising
The Digital Markets Act and Digital Services Act focus on bolstering business competition and consumer control over data online. Continue Reading
-
News
06 Jul 2022
Lawmakers worry about biometric data in wake of Roe v. Wade
Protecting information such as biometric data has become even more important given the Supreme Court's recent decision to overturn Roe v. Wade, U.S. House members were told. Continue Reading
-
Feature
05 Jul 2022
A 'CISO evolution' means connecting business value to security
As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading
-
News
30 Jun 2022
Big tech regulation needs both privacy and antitrust reform
Privacy and antitrust laws work together, and if Congress wants to regulate the tech giants, it has to figure out how these laws work against each other. Continue Reading
-
Definition
24 Jun 2022
chief data officer (CDO)
A chief data officer (CDO) in many organizations is a C-level executive whose position has evolved into a range of strategic data management responsibilities related to the business to derive maximum value from the data available to the enterprise. Continue Reading
-
Report
24 Jun 2022
The evolving CIO role: From IT operator to business strategist
This in-depth guide to the role of the CIO traces the job's evolution, explains what is required of the position today and why it has become so important to businesses. Continue Reading
-
News
23 Jun 2022
Microsoft reins in AI facial and voice recognition tech
The tech giant plans to rein in some of its AI technologies based on facial and voice recognition to reduce or eliminate bias and discrimination and aim for 'inclusive AI.' Continue Reading
-
News
22 Jun 2022
Senate bill a step forward for cryptocurrency regulation
A bipartisan cryptocurrency regulation bill gives the digital assets market much-needed definitions that will enable a regulatory framework to fall into place, experts say. Continue Reading
-
Definition
22 Jun 2022
information technology (IT) director
An information technology (IT) director is the person in charge of technology within an organization. IT directors manage technology resources and employees to ensure that IT operations run smoothly. Continue Reading
-
News
17 Jun 2022
Experts debate antitrust law enforcement benefits
Experts debate whether antitrust law enforcement should go beyond promoting competition and focus on other factors. Continue Reading
-
News
16 Jun 2022
U.S. senator highlights role of antitrust lawsuits, reform
During the American Antitrust Institute's annual conference, Sen. Richard Blumenthal spoke on the importance of antitrust law for reining in big tech. Continue Reading
-
News
10 Jun 2022
To secure supply chain, US needs semiconductor chip sites
To make U.S. semiconductor chip fabrication facilities successful long-term, experts say chip buyers such as Apple need to be included at the table during the planning process. Continue Reading
-
Tip
10 Jun 2022
15 tips for delivering a successful presentation to the board
What do you do when everyone thinks they're the smartest person in the room, and all of them are counting on you for answers? Here's how to give a presentation to the board. Continue Reading
-
Definition
09 Jun 2022
regulatory compliance
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes. Continue Reading
-
News
08 Jun 2022
Texas social media law brings content debate to Supreme Court
The Supreme Court recently blocked a Texas social media law that would have limited content removal, but that's likely not the end of the court's involvement on the issue. Continue Reading
-
Feature
03 Jun 2022
What is IT-business alignment and why is it important?
It's more important than ever that IT and the business operate from the same playbook. So why do so many organizations struggle to achieve IT-business alignment? Continue Reading
-
News
24 May 2022
MIT Sloan panelists urge cyber resilience focus
Enterprises must prepare for cyber-adversity, think beyond protection, establish lines of communication -- and learn to take a punch, according to security executives. Continue Reading
-
Tip
24 May 2022
CIO career path: How to become a CIO
The career path to becoming a CIO has evolved as the role has become increasingly critical to business success. Find out how to become a CIO and what the job entails. Continue Reading
-
Definition
23 May 2022
business resilience
Business resilience is the ability an organization has to quickly adapt to disruptions while maintaining continuous business operations and safeguarding people, assets and overall brand equity. Continue Reading
-
Tip
20 May 2022
8 free IT strategic planning templates and examples for CIOs
As technology becomes a business differentiator, a well-thought-out IT strategy plan is more crucial than ever. These IT strategy templates help CIOs make IT a business driver. Continue Reading
-
News
20 May 2022
In wake of crash, cryptocurrency regulation focus heightens
The recent crash of TerraUSD, a stablecoin that is a type of cryptocurrency, could rouse further regulatory scrutiny. Continue Reading
-
News
19 May 2022
CEOs name environmental sustainability a top business focus
Businesses are increasingly focused on their environmental sustainability efforts, as investors, customers and regulators drive sustainability prioritization. Continue Reading
-
News
19 May 2022
DHS pauses newly created Disinformation Governance Board
Concerns about the spread of disinformation prompted DHS to create the Disinformation Governance Board, which was immediately met with criticism from Republican lawmakers. Continue Reading
-
News
17 May 2022
MIT-CIO event explores pandemic's effect on digital ecosystems
Allan Tate, executive chair of the MIT Sloan CIO Symposium, lays out the big idea of the 2022 conference and explains how the event itself reflects its relevance. Continue Reading
-
News
13 May 2022
Policymaker proposes commission to oversee digital platforms
The proposed Federal Digital Platform Commission would oversee tech giants and could impose penalties and conduct investigations into bad conduct. Not everyone thinks it will work. Continue Reading
-
News
13 May 2022
Roe v. Wade reversal could hinder data privacy rights
Tech companies could start feeling pressure from consumers to limit data collection should Roe v. Wade be overturned. Continue Reading
-
Tip
13 May 2022
CIO vs. CTO: Key differences in roles and responsibilities
CIOs and CTOs both play a valuable role in a company's technology strategy, but their focus and responsibilities are different. Learn more. Continue Reading
-
Definition
12 May 2022
consumerization of IT
The consumerization of IT refers to how software and hardware products designed for personal use migrated into the enterprise and were used for work purposes. Continue Reading
-
News
12 May 2022
MIT Sloan innovation startups pursue AI at scale
Modzy and Snowplow are among the early-stage companies aiming to move AI from science project to enterprise asset. Success will let businesses reap the benefits of the technology. Continue Reading
-
News
05 May 2022
CIOs need to balance tech with business sustainability
As CIOs consider new technologies to help reach business sustainability goals, investors also want to see the right governance in place when it comes to climate risk management. Continue Reading
-
News
27 Apr 2022
Elon Musk poised to disrupt social media industry
Elon Musk could disrupt the social media industry with his purchase of Twitter and move the company away from social media's traditional reliance on advertising revenue. Continue Reading
-
Feature
27 Apr 2022
Bolstered BPMN standard is core of new BPM+ ecosystem
BPMN, now part of the expansive BPM+ ecosystem, has been updated with new capabilities to handle complex business processes and the use of advanced technologies. Continue Reading
-
News
22 Apr 2022
Digital humanism aims to balance human needs, emerging tech
Digital humanism is an approach to designing a digital future with human values and needs in mind, a concept arriving in response to the unchecked power of digital platforms. Continue Reading
-
News
15 Apr 2022
SEC chair touts benefits of climate risk disclosure rule
Interested parties are weighing in on the SEC's proposed climate risk disclosure rule, which is available for comment until May 20. Continue Reading
-
News
15 Apr 2022
Tech giants balk at competition bill, Digital Markets Act
The EU has already reached an agreement on their Digital Markets Act, which would open tech giants' tightly controlled app stores and platforms to third parties. Continue Reading
-
Feature
14 Apr 2022
Study attests: Cloud apps, remote users add to data loss
A study from ESG found many customers attribute data loss and compliance troubles to the race to put apps in the cloud and accommodate remote workers amid the pandemic. Continue Reading
-
News
07 Apr 2022
Long, costly road ahead for FTC antitrust case against Meta
The Federal Trade Commission's antitrust case against Meta is relying on the argument that past acquisitions helped Meta maintain its dominance in the social media market. Continue Reading
-
Definition
05 Apr 2022
digital enterprise
A digital enterprise is an organization that uses technology as a competitive advantage in its internal and external operations. Continue Reading
-
Definition
05 Apr 2022
SOC 1 (System and Organization Controls 1)
System and Organization Controls 1, or SOC 1 (pronounced "sock one"), aims to control objectives within a SOC 1 process area and documents internal controls relevant to an audit of a user entity's financial statements. Continue Reading
-
News
31 Mar 2022
Tech companies in Ukraine open economic front in Russian war
Developers and engineers serve as an economic bulwark in the country's battle for survival. The regional reshuffling of talent, meanwhile, could spell higher costs for IT buyers. Continue Reading
-
News
24 Mar 2022
SEC's proposed climate rule a game-changer for sustainability
Experts are praising the SEC's newly proposed climate risk disclosure rule, which would require businesses to bake climate risk into their overall risk management plans. Continue Reading
-
News
23 Mar 2022
Metaverse platforms offer opportunity and risk for CIOs
Accenture's recent Technology Vision event underscored the transformational possibilities of virtual worlds, but also pointed to security and safety challenges. Continue Reading
-
Definition
21 Mar 2022
Sarbanes-Oxley Act (SOX) Section 404
Sarbanes-Oxley Act (SOX) Section 404 mandates that all publicly traded companies must establish internal controls and procedures for financial reporting and must document, test, and maintain those controls and procedures to ensure their effectiveness. Continue Reading
-
Definition
21 Mar 2022
COPPA (Children's Online Privacy Protection Act )
The Children's Online Privacy Protection Act of 1998 (COPPA) is a federal law that imposes specific requirements on operators of websites and online services to protect the privacy of children under 13. Continue Reading
-
News
07 Mar 2022
US awaits bill boosting technology competition with China
China's investments in tech have spurred the U.S. to take action with a U.S. technology competition bill funneling billions into tech innovation and development. Continue Reading
-
News
04 Mar 2022
Russian sanctions prompt tech to stop sales, curb services
At the urging of Ukraine's Vice Prime Minister Mykhailo Fedorov and economic sanctions, companies including Apple, Google and Microsoft have limited business operations in Russia. Continue Reading
-
Definition
02 Mar 2022
North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP)
The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) plan is a set of standards aimed at regulating, enforcing, monitoring and managing the security of the Bulk Electric System (BES) in North America. Continue Reading
-
News
25 Feb 2022
Sanctions cost Russia US tech, and that may hurt
The U.S. has issued sanctions against Russia for its military invasion of Ukraine, which could face devastating IT service delivery disruption if the conflict continues. Continue Reading
-
News
16 Feb 2022
Proposal for federal tech policy focuses on privacy, security
The Future of Tech Commission wants the federal government to initiate a coordinated effort to address issues like data privacy and competition. Continue Reading
-
News
11 Feb 2022
House bill tracks foreign investment in U.S. mergers
The Foreign Merger Subsidy Disclosure Act would allow federal antitrust enforcement agencies to track foreign government investment behind U.S. business mergers. Continue Reading
-
News
08 Feb 2022
Federal regulatory efforts could affect VR, metaverse
Although Congress isn't looking to regulate VR or the metaverse yet, its efforts on antitrust and data privacy could have impacts down the road. Continue Reading
-
News
07 Feb 2022
IRS drops facial recognition plans after criticism
The agency said it will no longer require taxpayers to use a third-party website to authenticate identity and will develop its own tools to boost security and prevent fraud. Continue Reading
-
News
02 Feb 2022
Federal data privacy law efforts fizzle
As Congress shifts to antitrust enforcement, the momentum behind creating a federal data privacy law is waning. The states, meanwhile, are adopting privacy laws. Continue Reading
-
Definition
24 Jan 2022
Ethereum
Ethereum is an open source, distributed software platform based on blockchain technology. Continue Reading
-
News
18 Jan 2022
FTC, DOJ seek public input on merger guidelines
The FTC and DOJ want public input on the government's merger guidelines, used to challenge potentially anticompetitive mergers. The agencies believe the rules are out of date and ineffective. Continue Reading
-
Tip
22 Dec 2021
Cybersecurity asset management takes ITAM to the next level
Security pros need to focus on cybersecurity asset management for devices, services and the vendors that can help. Use our checklist to find out how and where to start. Continue Reading
-
Definition
28 Oct 2021
COSO Framework
The COSO Framework is a system used to establish internal controls to be integrated into business processes. Continue Reading
-
News
27 Oct 2021
Senators push for more online child privacy protections
U.S. senators expressed frustration with social media giants for not supporting specific legislation enhancing child privacy protections online. Continue Reading
-
Feature
18 Oct 2021
Litigants face tough road with antitrust lawsuits
As big tech companies like Google and Facebook fight antitrust lawsuits in court, experts are divided on whether core antitrust laws need updating for the modern economy. Continue Reading
-
Tip
12 Oct 2021
How to evaluate and select GRC vendors and tools
There is a variety of governance, risk and compliance software on the market. Learn about some of the available products and how best to evaluate GRC tools and vendors. Continue Reading
-
Feature
12 Oct 2021
Implementing an enterprise risk management framework
A well-designed ERM framework provides a playbook to avert corporate disasters, generate competitive advantages and create business opportunities. Continue Reading
-
News
30 Sep 2021
Differing data privacy polices challenge EU, US tech council
The EU-U.S. Trade and Technology Council plans to develop standards, address supply chain issues and define approaches to data governance, but the road ahead could be a bumpy one. Continue Reading
-
Guest Post
11 Aug 2021
IoT legislation device manufacturers need to know about
To avoid penalties and meet government agency requirements, IoT device manufacturers must adhere to new standards and regulations. Learn the latest here. Continue Reading
-
News
06 Aug 2021
Amazon GDPR fine signals expansion of regulatory focus
Amazon's $887 million GDPR fine likely stems from consumer consent and may indicate the EU is moving beyond data breaches and zeroing in on data practices. Continue Reading
-
News
14 Jun 2021
Federal data privacy legislation could benefit U.S. economy
Data privacy laws are becoming part of a 'modern economy,' according to Google's Kate Charlet, director for data governance. Continue Reading
-
Tip
24 May 2021
An adequacy audit checklist to assess project performance
Adequacy audits are conducted to assess the efficacy of IT system controls and identify areas for performance or other improvements. Use this audit checklist to get started. Continue Reading
-
Feature
15 Apr 2021
Managing cybersecurity during the pandemic and in the new digital age
Roota Almeida, CISO at Delta Dental of New Jersey and Delta Dental of Connecticut, talks about the cybersecurity threats she's seen over the last year and how she's effectively managing her security team. Continue Reading