Risk management and governance

With today's exponential advances in technology, CIOs, CTOs, CDOs and other IT leaders need critical advice on risk management and governance. Get news, guides and tips about technology-related compliance and data privacy issues, regulatory frameworks, limits on enterprise software development, cyber risk issues, metaverse dangers, cryptocurrency regulation and more.

Top Stories

News 31 Jan 2023
Calif. climate bill to require business carbon emissions data

The Climate Corporate Data Accountability Act introduced in California would require businesses to report their scope 1, 2 and 3 carbon emissions. Continue Reading
Tip 31 Jan 2023
5 ways Web 3.0 will impact digital marketing

If Web 3.0 can provide greater privacy, more marketing reach and better targeting, the World Wide Web's latest iteration could ease the online customer personalization problem. Continue Reading

News 23 Apr 2012

ISACA: Update to COBIT 5 governance framework maximizes IT assets

ISACA’s update to its popular COBIT 5 framework incorporates a business-wide approach the organization says helps enterprises maximize their information and technology assets. Continue Reading
Tip 16 Mar 2012

Five tips to help guide green compliance at your organization

As more industries push for environmentally friendly processes, green compliance is a major concern. Here are tips to help incorporate the right green IT practices at your organization. Continue Reading
Tip 02 Mar 2012

Is your SaaS system in line with SOX compliance requirements?

A SaaS vendor can provide many benefits, but adhering to SOX compliance requirements remains a concern. Here’s help to stay compliant when using Software as a Service. Continue Reading
Tutorial 03 Oct 2011

FAQ: Four criteria for an effective IT innovation strategy

In this FAQ, IT executives share four ways to kick-start and manage an IT innovation strategy that drives business value and transformation. Continue Reading
Tip 16 Aug 2011

How protecting against the OWASP Top 10 helps prevent compliance risk

Mapping security processes to protect against the OWASP Top 10 could ease Web application vulnerabilities and help some companies stay compliant. Continue Reading
Quiz 15 Aug 2011

Test your social media risk management IQ: A SearchCompliance.com quiz

Proliferating social networks have cast a spotlight on social media risk management. Take our quiz to find out if you are up to speed on social media. Continue Reading
Tip 28 Apr 2011

How GRC, sustainability and CSR relate to one another

How your organization determines the relationships among GRC, sustainability and CSR depends on the context of each item -- and is dependent on management's goals. Continue Reading
Tip 10 Dec 2010

AML compliance and money service businesses

Money service businesses are a growing part of the financial services industry but compliance with anti-money regulations is critical. Continue Reading
Feature 17 Jun 2010

FAQ: GARP and how it helps you achieve better information governance

Many organizations do not have an information governance structure that works with defined record-keeping principles that ensures accountability. GARP may be your answer. Continue Reading
News 06 Oct 2009

GPS devices, geolocation data create privacy, security risks

Emerging technologies that allow users to broadcast geographic locations raise many issues for companies, CIOs, while legislatures and the FTC consider legal aspects. Continue Reading
Tip 06 Oct 2009

Threat management for information systems relies on categorization

Every information system faces threats, but not all threats should be treated equally. ISO 27005 offers a guide on how to categorize threats to your organization. Continue Reading
Tip 01 Oct 2009

HIPAA-covered entities' first step should be a quality assurance plan

HIPAA-covered entities must leverage or install a good QA team, an effort that should be driven from the top down and be part of the strategic plan of the technology organization. Continue Reading
Feature 22 Jun 2009

Chapter excerpt: Decision-making processes and IT governance

Find out how sound decision-making processes form the foundation of IT governance policies by allocating decision rights and accountability. Continue Reading
News 19 Jun 2009

Twitter security risks, popularity spark regulatory concerns

Twitter can be used for social good, business and journalism, but the potential for exploitation by cybercriminals and noncompliance with regulatory requirements is real and growing. Continue Reading
Tip 09 Jun 2009

How AML compliance applies to remote deposit capture

Financial institutions rushing to deploy remote deposit capture (RDC) need to consider how the Bank Secrecy Act and anti-money laundering regulations apply to the technology. In this tip, Dan Fisher explains what measures institutions need to take to ensure compliance with BSA/AML laws in their RDC implementations. Continue Reading
Tip 19 May 2009

Why it may not be ideal for your lawyer to be your compliance officer

While lawyers bring a certain expertise to the table, business leaders need a broader range of technical, security and communications skills in their compliance officers. Continue Reading