Risk management and governance
With today's exponential advances in technology, CIOs, CTOs, CDOs and other IT leaders need critical advice on risk management and governance. Get news, guides and tips about technology-related compliance and data privacy issues, regulatory frameworks, limits on enterprise software development, cyber risk issues, metaverse dangers, cryptocurrency regulation and more.
Top Stories
-
Feature
23 Jul 2025
ISO 31000 vs. COSO: Comparing risk management standards
ISO 31000 and the COSO ERM framework are the two most popular risk management standards. Here's what they include and some of their similarities and differences. Continue Reading
-
News
22 Jul 2025
Federal research funding cuts could slow tech innovation
With massive funding cuts proposed at both federal research agencies and U.S. universities, U.S. R&D investment is poised to fall behind China and the EU. Continue Reading
-
News
11 Jan 2024
Apple, Google face tumultuous legal year ahead
Google has agreed to make changes to its app store, while Apple has remained largely unscathed after antitrust trials challenged both companies' app store operating models. Continue Reading
-
Tip
10 Jan 2024
7 business process management challenges and how to fix them
Unclear goals, weak C-level support and subpar testing setups are among the factors that can derail BPM initiatives. Learn about seven BPM challenges and ways to overcome them. Continue Reading
-
Podcast
02 Jan 2024
A challenge: Guiding generative AI toward responsible use
Transparency, explainability and lack of bias are principles for building generative AI systems that work according to ethical rules and are fair for everyone. Continue Reading
-
Tip
02 Jan 2024
16 BPM best practices to ensure project success
A BPM approach to transformation enables companies to continuously improve and reinvent their business processes, injecting innovation as they go. Learn how to do it right. Continue Reading
-
Tip
02 Jan 2024
14 CIO priorities and trends for 2024
The job is as big and challenging as ever. In 2024, CIOs will be asked to find business value in GenAI, mitigate AI risks and solve the talent crunch, among other pressing issues. Continue Reading
-
Tip
28 Dec 2023
5 examples of records management
Examples of records management vary by types of records, such as front- and back-office records, and processes, such as retention schedule management and records disposal. Continue Reading
-
News
19 Dec 2023
U.S.-China relations will affect businesses in 2024
U.S.-China relations will affect U.S. businesses in 2024, whether it's through more export controls or building alliances with other countries on technology. Continue Reading
-
Definition
18 Dec 2023
California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act (CCPA) is legislation in the state of California that supports an individual's right to control their own personally identifiable information (PII). Continue Reading
-
News
15 Dec 2023
DOJ's long-term goals in Google antitrust case unclear
The DOJ faced off against Google this year in an antitrust trial, claiming that Google maintained an illegal monopoly over the online search and search advertising markets. Continue Reading
-
Definition
15 Dec 2023
business process management software (BPMS)
Business process management software (BPMS) helps companies design, model, execute, automate and improve a set of activities and tasks that, when completed, achieve an organizational goal. Continue Reading
-
Definition
15 Dec 2023
What is business process management? A guide to BPM
Business process management (BPM) is a structured approach to improving the processes organizations use to get work done, serve their customers and generate business value. Continue Reading
-
News
14 Dec 2023
Technology inflation rate edges up for storage, IT services
Price hikes persist for professional services and cloud, while an increase in storage costs could reflect a return toward more typical pricing levels after a period of decline. Continue Reading
-
Definition
14 Dec 2023
business process automation (BPA)
Business process automation (BPA) is the use of advanced technology to complete business processes with minimal human intervention. Continue Reading
-
News
06 Dec 2023
Congress might act on AI-generated content in 2024
Misinformation is an issue facing digital platforms that's being exacerbated by AI-generated content, something Congress could tackle in the new year. Continue Reading
-
Tip
06 Dec 2023
7 top business process management benefits, advantages
Streamlined workflows, greater agility and scalability, tighter process controls, reduced risks, lower costs and better customer engagements are among the notable BPM benefits. Continue Reading
-
Definition
04 Dec 2023
PCAOB (Public Company Accounting Oversight Board)
The Public Company Accounting Oversight Board (PCAOB) is a congressionally established nonprofit that assesses audits of public companies in the United States to protect investors' interests. Continue Reading
-
Definition
01 Dec 2023
Universal Process Notation (UPN)
Universal Process Notation is a method for illustrating the steps in a business process. Continue Reading
-
Tip
01 Dec 2023
RPA vs. BPM: How are they different?
Don't confuse RPA with BPM. These process-oriented initiatives are distinctly different but also highly complementary when planning, automating and improving business operations. Continue Reading
-
Definition
30 Nov 2023
standard business reporting (SBR)
Standard business reporting (SBR) is a group of frameworks adopted by governments to promote standardization in reporting business data. Continue Reading
-
News
22 Nov 2023
Possible reasons for Meta disbanding its responsible AI team
After releasing more generative AI tools this year, the tech giant made a controversial move by dismantling its unit dedicated to responsible AI. Continue Reading
-
News
16 Nov 2023
Regulating digital industries might require a new U.S. agency
U.S. senators and industry experts are pushing for a new agency to regulate digital industries and tackle competition, privacy and content moderation concerns. Continue Reading
-
News
16 Nov 2023
Cloud costs increase amid SaaS pricing hikes
CIOs face higher SaaS prices, with a new report pegging the inflation rate at 8.7%. The wider cloud segment saw a 3.2% inflation rate in October, according to U.S. government data. Continue Reading
-
Feature
15 Nov 2023
The push is on to build the autonomous enterprise
The concept of an autonomous enterprise is becoming more real as enterprises combine technologies to automate all kinds of human work. Welcome to the 'Autonomous Revolution.' Continue Reading
-
Definition
14 Nov 2023
FTC (Federal Trade Commission)
The FTC, or Federal Trade Commission, is a United States federal regulatory agency designed to monitor and prevent anticompetitive, deceptive or unfair business practices. Continue Reading
-
News
09 Nov 2023
As Congress mulls AI, Biden asks first for data privacy law
Congress could eventually run into a similar issue with AI as data privacy -- states passing a patchwork of laws that become difficult for businesses to comply with. Continue Reading
-
Podcast
06 Nov 2023
Tech industry reaction to Biden's AI executive order mixed
While it's the first extensive statement from the U.S. government on governing and promoting AI, it falls short of providing actionable steps to vendors. Continue Reading
-
Tip
06 Nov 2023
What is a digital transformation strategy? Everything you need to know
A strong DX strategy details an organization's current state, its plans for the future and the actions to achieve those goals. Discover the key elements that should be included. Continue Reading
-
News
31 Oct 2023
Senators defend new federal agency for tackling big tech
A federal agency with a specific focus on digital platforms will help address growing concerns around AI, data privacy and competition, two U.S. senators argue. Continue Reading
-
News
27 Oct 2023
Lack of federal data privacy law seen hurting IT security
Without federal data privacy protections, businesses can freely amass vast amounts of consumer data, raising cybersecurity risks for both consumers and businesses. Continue Reading
-
Definition
25 Oct 2023
integrated risk management (IRM)
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions. Continue Reading
-
Tip
20 Oct 2023
11 reasons why digital transformations fail, explained by pros
Digital transformations continue to be challenging and are prone to failure. Learn about 11 fatal mistakes to avoid at all costs. Continue Reading
-
Feature
20 Oct 2023
Risk assessment matrix: Free template and usage guide
A risk assessment matrix identifies issues that present the greatest potential for business disruption or damage. Use this free template to focus risk mitigation plans. Continue Reading
-
News
19 Oct 2023
Cloud inflation affects IT spending trends, GenAI not yet
Gartner's forecast points to rising cloud and services spend. Generative AI is yet to strongly influence IT budgets, but IBM and other providers gear up for growth. Continue Reading
-
Feature
18 Oct 2023
Israel-Hamas war could affect tech industry in Middle East
U.S. businesses investing in the Middle East should engage in contingency planning if the Israel-Hamas war leads to the involvement of nearby regions. Continue Reading
-
Feature
18 Oct 2023
7 risk mitigation strategies to protect business operations
Companies facing a multitude of business risks have various options to mitigate them. Here are seven mitigation strategies to minimize the business impact of risks. Continue Reading
-
Definition
17 Oct 2023
speculative risk
Speculative risk is a type of risk the risk-taker takes on voluntarily and will result in some degree of profit or loss. Continue Reading
-
Tip
12 Oct 2023
12 digital transformation tips and best practices
Successful digital transformation requires agility, speed, cost optimization, technical innovation and cultural change. C-suite commitment and employee buy-in are also critical. Continue Reading
-
News
11 Oct 2023
Google breakup unlikely in event of guilty verdict
Google is going through an antitrust trial in which a guilty verdict could result in remedies to fix the illegal behavior. But it's unlikely that Google would face a breakup. Continue Reading
-
News
05 Oct 2023
U.S. antitrust law enforcers defend actions, lawsuits
The FTC and DOJ, which enforce U.S. antitrust law, are focused on reining in big tech through antitrust lawsuits and revising merger guidelines for modern businesses. Continue Reading
-
Definition
05 Oct 2023
enterprise risk management (ERM)
Enterprise risk management (ERM) is the process of planning, organizing, directing and controlling the activities of an organization to minimize the harmful effects of risk on its capital and earnings. Continue Reading
-
News
04 Oct 2023
Capital One study: Businesses battle with self-service data
Technical, cultural and financial issues hinder organizations from enacting self-service data strategies that include business users as well as data specialists Continue Reading
-
Definition
03 Oct 2023
Whistleblower Protection Act
The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from retaliatory action for voluntarily disclosing information about dishonest or illegal activities occurring in a government organization. Continue Reading
-
News
02 Oct 2023
Lawyers win in race to generative AI without adequate laws
As Congress drags its feet on passing AI regulations, lawyers are filling the vacuum by helping enterprises navigate court rulings and regulations based on outdated laws. Continue Reading
-
Feature
02 Oct 2023
Generative AI in the enterprise raises questions for CIOs
Technology and business leaders are exploring pivotal issues surrounding adoption strategy, architecture and the IT organization's management responsibilities. Continue Reading
-
News
26 Sep 2023
U.S. antitrust case against Amazon not a clear win
The FTC is looking to make an antitrust case against Amazon for using anticompetitive strategies to harm both sellers and shoppers on its platform. Continue Reading
-
Tip
25 Sep 2023
How to add digital signatures to a PDF
Organizations use digital signatures to secure agreements. Common document applications, such as Adobe Acrobat and macOS Preview, let users quickly add digital signatures to PDFs. Continue Reading
-
Definition
21 Sep 2023
governance, risk and compliance (GRC)
Governance, risk and compliance (GRC) refers to an organization's strategy for handling the interdependencies among the following three components: corporate governance policies, enterprise risk management programs, and regulatory and company compliance. Continue Reading
-
Definition
19 Sep 2023
bitcoin mining
Bitcoin mining is a type of cryptomining in which new bitcoin are entered into circulation and bitcoin transactions are verified and added to the blockchain. Continue Reading
-
News
19 Sep 2023
U.S. government shutdown would crush CHIPS Act momentum
A U.S. government shutdown would significantly impact implementation of the CHIPS and Science Act of 2022 as federal workers would be forced to stay home from work. Continue Reading
-
Definition
19 Sep 2023
total risk
Total risk is an assessment that identifies all the risk factors associated with pursuing a specific course of action. Continue Reading
-
Definition
18 Sep 2023
electronically stored information (ESI)
Electronically stored information (ESI) is data that is created, altered, communicated and stored in digital form. Continue Reading
-
News
15 Sep 2023
DOJ faces hurdles in antitrust battle with Google
The Dept. of Justice will need to overcome several hurdles to prove Google's alleged anticompetitive conduct in the online search market. Continue Reading
-
Tip
14 Sep 2023
How CIOs can build cybersecurity teamwork across leadership
Cross-departmental relationships are key to long-term business success. Discover why CIOs must focus on teamwork with these three C-suite roles for highly effective cybersecurity. Continue Reading
-
Feature
13 Sep 2023
Top 10 benefits of blockchain for business
Blockchain's unique characteristics address many business issues. Here are 10 important benefits of blockchain and examples of the industries taking advantage of them. Continue Reading
-
Definition
07 Sep 2023
distributed ledger technology (DLT)
Distributed ledger technology (DLT) is a digital system for recording the transaction of assets in which the transactions and their details are recorded in multiple places at the same time. Continue Reading
-
Definition
06 Sep 2023
What is a smart contract?
A smart contract is a self-executing computer program that automatically executes the terms of a contract without the involvement of third parties. Continue Reading
-
Definition
31 Aug 2023
IT controls
An IT control is a procedure or policy that provides a reasonable assurance that the information technology (IT) used by an organization operates as intended, that data is reliable and that the organization is in compliance with applicable laws and regulations. Continue Reading
-
Definition
30 Aug 2023
three lines model
The three lines model is a risk management approach to help organizations identify and manage risks effectively by creating three distinct lines of defense. Continue Reading
-
Definition
30 Aug 2023
IT organization (information technology organization)
An IT organization (information technology organization) is the department within a company that's charged with establishing, monitoring and maintaining information technology systems and services. Continue Reading
-
News
29 Aug 2023
Microsoft Teams attack exposes collab platform security gaps
Criminal and state-sponsored hackers are ramping up cyberattacks on instant messaging platforms and other workplace collaboration tools. Meanwhile, enterprises' readiness lags. Continue Reading
-
Tip
29 Aug 2023
The CIO's role in strengthening cybersecurity
To effectively tackle security risks, organizations should proactively address the complexities of information security. Learn how CIOs can play a key role in cybersecurity. Continue Reading
-
News
22 Aug 2023
Generative AI adoption to grow with economic confidence
A PwC survey is the latest data point signaling a return to innovation spending, with generative AI adoption in the C-suite's plans. But business leaders remain sensitive to risk. Continue Reading
-
Tip
16 Aug 2023
6 open source GRC tools compliance professionals should know
Organizations must meet a variety of regulatory compliance requirements today. Here's a look at six open source GRC tools and related resources that might help. Continue Reading
-
Feature
16 Aug 2023
Top 12 risk management skills and why you need them
Effective risk management is necessary in all parts of a business. Here are a dozen skills that risk managers need to be successful in their jobs. Continue Reading
-
Tip
15 Aug 2023
Top 4 information security strategy essentials CIOs need
Right now, hackers are targeting your organization. Fight back by learning how CIOs can create a resilient and strong information security foundation. Continue Reading
-
News
14 Aug 2023
Cloud costs continue to rise among IT commodities
CIOs can expect higher cloud costs as the U.S. government's wholesale inflation index hits its highest rating for the technology category that includes this IT model. Continue Reading
-
News
11 Aug 2023
Biden order will force companies to weigh China investments
Companies are facing a new executive order and potentially congressional action restricting outbound investments in technologies such as quantum computing and AI in China. Continue Reading
-
Feature
11 Aug 2023
Traditional vs. enterprise risk management: How do they differ?
Traditional risk management and enterprise risk management are similar in their aim to mitigate risks that can harm a company. But there are differences between them. Continue Reading
-
Definition
09 Aug 2023
crisis management
Crisis management is the application of strategies designed to help an organization deal with a sudden and significant negative event, while maintaining business continuity. Continue Reading
-
News
07 Aug 2023
EU's antitrust probe into Microsoft comes too late
The EU's history of conduct over structural remedies to allay competition concerns means its Microsoft probe likely won't result in a substantial impact on the company. Continue Reading
-
Feature
04 Aug 2023
9 common risk management failures and how to avoid them
As enterprises rework their business models and strategies to meet various new challenges, risks abound. Here are nine risk management failures to look out for. Continue Reading
-
Definition
01 Aug 2023
Computer Fraud and Abuse Act (CFAA)
The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that imposes criminal penalties on individuals who intentionally access a protected computer without proper authorization or whose access exceeds their authorization. Continue Reading
-
Definition
28 Jul 2023
compliance audit
A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines. Continue Reading
-
News
25 Jul 2023
Wayfair and the generative AI boom
The online home and furniture retailer is using the technology despite challenges such as unauthorized use of data and maintaining data privacy. It also released a room-planning tool. Continue Reading
-
News
20 Jul 2023
U.S. walks line between diplomacy, security with China
Amid talks of further export controls placed on China, administration officials reiterated President Biden's desire for communication and building U.S.-China relations. Continue Reading
-
News
19 Jul 2023
Tensions rise with EU over Digital Markets Act, tech policies
Congress members want the Biden administration to confront the EU about technology policies targeting U.S. businesses. Continue Reading
-
News
18 Jul 2023
A look at writers' battle to get AI vendors to pay them
An Authors Guild open letter asks vendors to pay for works previously used to train generative AI systems and calls for lawmakers to tighten copyright laws. Continue Reading
-
News
17 Jul 2023
Businesses caught in the crosshairs amid U.S., China tensions
As the U.S. and China continue to target each other with restrictive export controls, businesses are caught in the middle of an increasingly tense conflict. Continue Reading
-
Podcast
17 Jul 2023
Targeting AI: Responsible AI means regulation, ethical use
AI users should adhere to ethical standards, particularly in regard to generative AI chatbots, but the promise of the latest tech is too great to not embrace. Continue Reading
-
News
13 Jul 2023
Storage, server prices drop as inflation eases
Server and storage prices declined in June, reflecting cooling inflation, but companies remain intent on containing costs and optimization. Continue Reading
-
Podcast
07 Jul 2023
Impact data powers sustainability strategies for digital age
Unlock new growth potential and sustainability with impact data. Learn more in this podcast. Continue Reading
-
Definition
05 Jul 2023
Dodd-Frank Act
The Dodd-Frank Act (fully known as the Dodd-Frank Wall Street Reform and Consumer Protection Act) is a United States federal law that places regulation of the financial industry in the hands of the government. Continue Reading
-
Feature
22 Jun 2023
Blockchain for businesses: The ultimate enterprise guide
Despite the scary crypto headlines, enterprise blockchain is becoming more practical. Use our in-depth guide to help manage the risks and plan the best deployment for your needs. Continue Reading
-
News
19 Jun 2023
Supreme Court sidesteps Section 230 -- for now
Although the Supreme Court's recent decisions in cases against Twitter and Google avoided ruling on Section 230, the issue will likely be in front of the justices again soon. Continue Reading
-
News
15 Jun 2023
Server prices drop while cloud costs rise in PPI data
The U.S. government's latest inflation reading shows moderating hardware prices, which spiked in mid-2022. Cloud costs, however, have been moving in the opposite direction. Continue Reading
-
News
14 Jun 2023
Global cooperation on tech standards is falling apart
Increasing cooperation between the U.S. and EU on global tech standards will enable rather than hurt competition with China, experts argue. Continue Reading
-
News
13 Jun 2023
Salesforce moves forward with secure, private generative AI
With its new AI Cloud and built-in Einstein GPT Trust Layer, The CRM and CX vendor is investing in generative AI technology and adding data security and privacy features. Continue Reading
-
Tip
09 Jun 2023
Pros and cons of blockchain for ERP
ERP's longevity reaches back to the 1960s, but thanks to blockchain, an old dog may well learn some new business tricks in this ever-changing and modernizing world of technology. Continue Reading
-
News
07 Jun 2023
U.S.-China relations hinge on shifting reactionary mindset
Rep. Andy Kim said the U.S. needs to become more proactive in its relationship with China amid growing tensions between the two countries. Continue Reading
-
Tip
06 Jun 2023
9 benefits of cryptocurrency in business
Businesses adopting cryptocurrency can potentially improve their financial liquidity, attract new customers, ensure transaction transparency, reduce fraud and align with Web 3.0. Continue Reading
-
News
05 Jun 2023
Experts doubt U.S. retaliation following China's Micron ban
The Biden administration likely won't retaliate for China's Micron Technology ban but will continue to play the long game garnering independence from China in semiconductor chips. Continue Reading
-
News
01 Jun 2023
A look at 'risk of extinction from AI' statement
The statement equates the potential risk of human eradication from AI to that of nuclear war. However, some argue society should instead mitigate the existing risk of AI bias. Continue Reading
-
News
23 May 2023
Meta fine highlights EU, US data sharing challenges
Until the new EU-U.S. Data Privacy Framework is established, Meta's $1.2 billion euro fine should serve as a warning to U.S. businesses handling EU personal data. Continue Reading
-
Feature
19 May 2023
4 tips CIOs can use to drive change management
CIOs and IT leaders should be key drivers of change management programs. Learn valuable tips for navigating complexity and scaling technology rollouts. Continue Reading
-
News
18 May 2023
FTC warns businesses about biometric information use
The Federal Trade Commission said businesses will be held accountable for the way they use consumers' biometric information. Continue Reading
-
Feature
18 May 2023
How one CIO drives business transformation through tech
Tom Peck, CIDO at Sysco, shares valuable insights into the key role that CIOs play as a transformation driver while managing emerging technologies such as AI. Continue Reading
-
News
16 May 2023
CIOs take on organizational adaptability, resilience
CIOs and other tech executives are bracing their organizations to remain flexible in a period of unpredictable developments and bounce back when they take a punch. Continue Reading
-
Definition
12 May 2023
Generally Accepted Recordkeeping Principles (the Principles)
Generally Accepted Recordkeeping Principles is a framework for managing records in a way that supports an organization's immediate and future regulatory, legal, risk mitigation, environmental and operational requirements. Continue Reading
-
News
11 May 2023
U.S. debt crisis could hit government contractors hard
Government contractors should prepare now for the U.S. to default on its debt, which would result in halted payments among other challenges. Continue Reading
-
Feature
05 May 2023
MIT-CIO event explores digital resilience amid disruption
Allan Tate, executive chair of the MIT Sloan CIO Symposium, shares an overview of the 2023 event, including focus areas such as cybersecurity and tech evaluation. Continue Reading