Risk management and governance
With today's exponential advances in technology, CIOs, CTOs, CDOs and other IT leaders need critical advice on risk management and governance. Get news, guides and tips about technology-related compliance and data privacy issues, regulatory frameworks, limits on enterprise software development, cyber risk issues, metaverse dangers, cryptocurrency regulation and more.
Top Stories
-
News
29 Oct 2024
Microsoft, Google feud heats up with 'astroturfing' accusation
After Google filed a complaint with the EU about Microsoft's cloud practices, Microsoft accused Google of funding shadow campaigns to hurt its business. Continue Reading
By- Makenzie Holland, Senior News Writer
-
News
24 Oct 2024
Growing AI energy use, tech workloads constrain IT
Speakers at Gartner IT Symposium/Xpo 2024 warned of rising energy use and cost. Workarounds include acceleration; microgrids; and, eventually, emerging technologies. Continue Reading
By- John Moore, Industry Editor
-
News
24 Jul 2014
What to include in a post-DR-test after-action review
What should go into your organization's after-action review following a disaster recovery test? #CIOChat participants suggest what to include in the report and why. Continue Reading
By- Emily McLaughlin, Coravin
-
Tip
09 Jul 2014
Three steps to keep IT policies and procedures regulatory compliant
Corporate compliance and risk management expert Jeffrey Jenkins shares how he ensures IT policies and procedures remain in sync with current compliance regulations. Continue Reading
By- Jeff Jenkins, Travelport
-
Feature
24 Jun 2014
Can automated segregation of duties benefit regulatory compliance?
In this feature, Michael Rasmussen explains why automated SoD reduces compliance costs as well as the potential for fraud and lawsuits. Continue Reading
By- Ben Cole, Executive Editor
-
Tip
18 Nov 2013
Preparation underway for Dodd-Frank conflict mineral disclosures
Dodd-Frank conflict mineral provisions create new disclosure rules for public companies. In this tip, learn how to prepare for the regulations. Continue Reading
By- William Newman, SAP
-
Tip
13 Nov 2013
CIO tip: Learn how to present a risk-management plan to the board
CIO tip: Companies are getting serious about risk management plans -- and leaning on CIOs to help them. Continue Reading
-
Tip
22 Oct 2013
Three strategies to align organizational compliance and security goals
Compliance and security departments sometimes have an adversarial relationship, but organizations can benefit from aligning their strategic goals. Continue Reading
By- Ed Moyle, Drake Software
-
Feature
30 Jul 2013
All aboard: CIO wins the battle, initiates centralized IT organization
Our SearchCIO IT Leader of the Year Award winner, CIO Eric Hawley, explains how he built a centralized IT environment -- starting with listening. Continue Reading
-
Opinion
12 Jun 2013
The GRC maturity model and value proposition
In this CIO Matters column, Harvey Koeppel takes a look at the GRC maturity model and how CIOs can turn risk management into business value. Continue Reading
By- Harvey R. Koeppel, Pictographics Inc.
-
Definition
06 Mar 2013
geolocation data
Geolocation data is information associated with an electronic device that can be used to identify its physical location. The most common example of geolocation data is an IP address. Continue Reading
By- Nicole Laskowski, Senior News Director
-
Tip
28 Feb 2013
Four steps to defining and articulating the role of risk management
Risk management programs are under pressure from all quarters. Here are four steps to defining and articulating the role of risk management. Continue Reading
By- Chris McClean, Forrester Research
-
Definition
01 Feb 2013
business continuity management (BCM)
Business continuity management (BCM) is a framework for identifying an organization's risk of exposure to internal and external threats. Continue Reading
-
Tip
01 Nov 2012
Free IT organizational structure chart templates for the CIO
Use these free IT organizational structure chart templates to illustrate the relationships and hierarchy between various IT roles in your enterprise. Continue Reading
-
News
23 Apr 2012
ISACA: Update to COBIT 5 governance framework maximizes IT assets
ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets. Continue Reading
By- Ben Cole, Executive Editor
-
Tip
16 Mar 2012
Five tips to help guide green compliance at your organization
As more industries push for environmentally friendly processes, green compliance is a major concern. Here are tips to help incorporate the right green IT practices at your organization. Continue Reading
By- SearchCompliance.com Staff
-
Tip
02 Mar 2012
Is your SaaS system in line with SOX compliance requirements?
A SaaS vendor can provide many benefits, but adhering to SOX compliance requirements remains a concern. Here’s help to stay compliant when using Software as a Service. Continue Reading
By- Curt Finch, Contributor
-
Tutorial
03 Oct 2011
FAQ: Four criteria for an effective IT innovation strategy
In this FAQ, IT executives share four ways to kick-start and manage an IT innovation strategy that drives business value and transformation. Continue Reading
By- SearchCIO.com Staff
-
Tip
16 Aug 2011
How protecting against the OWASP Top 10 helps prevent compliance risk
Mapping security processes to protect against the OWASP Top 10 could ease Web application vulnerabilities and help some companies stay compliant. Continue Reading
By- Ed Adams, Contributor
-
Quiz
15 Aug 2011
Test your social media risk management IQ: A SearchCompliance.com quiz
Proliferating social networks have cast a spotlight on social media risk management. Take our quiz to find out if you are up to speed on social media. Continue Reading
By- SearchCompliance.com Staff
-
Tip
28 Apr 2011
How GRC, sustainability and CSR relate to one another
How your organization determines the relationships among GRC, sustainability and CSR depends on the context of each item -- and is dependent on management's goals. Continue Reading
By- Adrian Bowles, STORM Insights, Inc.
-
Definition
07 Mar 2011
control framework
A control framework is a data structure that organizes and categorizes an organization’s internal controls, which are practices and procedures established to create business value and minimize risk. Continue Reading
-
Tip
10 Dec 2010
AML compliance and money service businesses
Money service businesses are a growing part of the financial services industry but compliance with anti-money regulations is critical. Continue Reading
By- Dan Fisher, Contributor
-
Feature
17 Jun 2010
FAQ: GARP and how it helps you achieve better information governance
Many organizations do not have an information governance structure that works with defined record-keeping principles that ensures accountability. GARP may be your answer. Continue Reading
By- SearchCompliance.com Staff
-
Tip
06 Oct 2009
Threat management for information systems relies on categorization
Every information system faces threats, but not all threats should be treated equally. ISO 27005 offers a guide on how to categorize threats to your organization. Continue Reading
By- Steven Ross, Risk Masters, Inc.
-
News
06 Oct 2009
GPS devices, geolocation data create privacy, security risks
Emerging technologies that allow users to broadcast geographic locations raise many issues for companies, CIOs, while legislatures and the FTC consider legal aspects. Continue Reading
By- Linda Tucci, Industry Editor -- CIO/IT Strategy
-
Tip
01 Oct 2009
HIPAA-covered entities' first step should be a quality assurance plan
HIPAA-covered entities must leverage or install a good QA team, an effort that should be driven from the top down and be part of the strategic plan of the technology organization. Continue Reading
By- John Weathington, Excellent Management Systems Inc.
-
Feature
22 Jun 2009
Chapter excerpt: Decision-making processes and IT governance
Find out how sound decision-making processes form the foundation of IT governance policies by allocating decision rights and accountability. Continue Reading
-
News
19 Jun 2009
Twitter security risks, popularity spark regulatory concerns
Twitter can be used for social good, business and journalism, but the potential for exploitation by cybercriminals and noncompliance with regulatory requirements is real and growing. Continue Reading
By- Alexander B. Howard, Associate Editor
-
Tip
09 Jun 2009
How AML compliance applies to remote deposit capture
Financial institutions rushing to deploy remote deposit capture (RDC) need to consider how the Bank Secrecy Act and anti-money laundering regulations apply to the technology. In this tip, Dan Fisher explains what measures institutions need to take to ensure compliance with BSA/AML laws in their RDC implementations. Continue Reading
By- Dan M. Fisher, Contributor
-
Tip
19 May 2009
Why it may not be ideal for your lawyer to be your compliance officer
While lawyers bring a certain expertise to the table, business leaders need a broader range of technical, security and communications skills in their compliance officers. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Definition
12 Mar 2009
Electronic Communications Privacy Act (ECPA)
The Electronic Communications Privacy Act (ECPA) is a United States federal statute that prohibits a third party from intercepting or disclosing communications without authorization. Continue Reading
-
Definition
29 Jan 2009
Fair Credit Reporting Act (FCRA)
The Fair Credit Reporting Act (FCRA) is United States federal legislation that promotes accuracy, fairness and privacy for data used by consumer reporting agencies. Continue Reading
-
Definition
06 Mar 2008
FFIEC compliance (Federal Financial Institutions Examination Council)
FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC)... (Continued) Continue Reading