Risk management and governance

With today's exponential advances in technology, CIOs, CTOs, CDOs and other IT leaders need critical advice on risk management and governance. Get news, guides and tips about technology-related compliance and data privacy issues, regulatory frameworks, limits on enterprise software development, cyber risk issues, metaverse dangers, cryptocurrency regulation and more.

Top Stories

Feature 23 Mar 2026
Smart glasses as an enterprise risk: What CIOs should know

Once experimental tech, smart glasses now pose serious risks to businesses through covert recording, data leaks and compliance violations in the workplace. Continue Reading
By
- Grant Hatchimonji
Feature 20 Mar 2026
AI disruption: How CIOs should prepare for a new economy

AI disruption may not hit as quickly as the Citrini Research scenario imagined, but CIOs still need to prepare. Consider what the scenario got right and how IT leaders can respond. Continue Reading
By
- Tim Murphy, Site editor

News 07 Feb 2022
IRS drops facial recognition plans after criticism

The agency said it will no longer require taxpayers to use a third-party website to authenticate identity and will develop its own tools to boost security and prevent fraud. Continue Reading
By
- Esther Shittu, News Writer
News 02 Feb 2022
Federal data privacy law efforts fizzle

As Congress shifts to antitrust enforcement, the momentum behind creating a federal data privacy law is waning. The states, meanwhile, are adopting privacy laws. Continue Reading
By
- Makenzie Holland, Senior News Writer
Definition 24 Jan 2022
Ethereum

Ethereum is an open source, distributed software platform based on blockchain technology. Continue Reading
By
- Sean Michael Kerner
- Ben Lutkevich, Site Editor
News 18 Jan 2022
FTC, DOJ seek public input on merger guidelines

The FTC and DOJ want public input on the government's merger guidelines, used to challenge potentially anticompetitive mergers. The agencies believe the rules are out of date and ineffective. Continue Reading
By
- Makenzie Holland, Senior News Writer
News 27 Oct 2021
Senators push for more online child privacy protections

U.S. senators expressed frustration with social media giants for not supporting specific legislation enhancing child privacy protections online. Continue Reading
By
- Makenzie Holland, Senior News Writer
Feature 18 Oct 2021
Litigants face tough road with antitrust lawsuits

As big tech companies like Google and Facebook fight antitrust lawsuits in court, experts are divided on whether core antitrust laws need updating for the modern economy. Continue Reading
By
- Makenzie Holland, Senior News Writer
Tip 12 Oct 2021
How to evaluate and select GRC vendors and tools

There is a variety of governance, risk and compliance software on the market. Learn about some of the available products and how best to evaluate GRC tools and vendors. Continue Reading
By
- Paul Kirvan
News 30 Sep 2021
Differing data privacy polices challenge EU, US tech council

The EU-U.S. Trade and Technology Council plans to develop standards, address supply chain issues and define approaches to data governance, but the road ahead could be a bumpy one. Continue Reading
By
- Makenzie Holland, Senior News Writer
Guest Post 11 Aug 2021
IoT legislation device manufacturers need to know about

To avoid penalties and meet government agency requirements, IoT device manufacturers must adhere to new standards and regulations. Learn the latest here. Continue Reading
By
- Farbod H. Foomany
News 06 Aug 2021
Amazon GDPR fine signals expansion of regulatory focus

Amazon's $887 million GDPR fine likely stems from consumer consent and may indicate the EU is moving beyond data breaches and zeroing in on data practices. Continue Reading
By
- Makenzie Holland, Senior News Writer
News 14 Jun 2021
Federal data privacy legislation could benefit U.S. economy

Data privacy laws are becoming part of a 'modern economy,' according to Google's Kate Charlet, director for data governance. Continue Reading
By
- Makenzie Holland, Senior News Writer
Tip 24 May 2021
An adequacy audit checklist to assess project performance

Adequacy audits are conducted to assess the efficacy of IT system controls and identify areas for performance or other improvements. Use this audit checklist to get started. Continue Reading
By
- Paul Kirvan
Feature 15 Apr 2021
Managing cybersecurity during the pandemic and in the new digital age

Roota Almeida, CISO at Delta Dental of New Jersey and Delta Dental of Connecticut, talks about the cybersecurity threats she's seen over the last year and how she's effectively managing her security team. Continue Reading
By
- Gabriella Frick
News 25 Feb 2021
Texas power outage flags need to revisit business continuity

Freezing conditions that caused Texas power outages affected businesses well beyond the state's borders, prompting a need for business continuity plans to be revisited. Continue Reading
By
- Carol Sliwa
Feature 11 Feb 2021
Changes to U.S. antitrust laws could hamper innovation

Antitrust lawsuits and regulatory proposals could have a greater impact on the technology industry than regulators expect. Expert Aurelien Portuese explains why. Continue Reading
By
- Makenzie Holland, Senior News Writer
Guest Post 16 Dec 2020
4 reasons to involve CISOs in mergers and acquisitions planning

As mergers and acquisitions go virtual due to COVID-19, the C-suite should include CISOs to help identify security risks, expedite cyber processes, review the new threat landscape and more. Continue Reading
By
- Jaime Fox and Deborah Golden
Guest Post 21 Oct 2020
Is your company's IT governance strategy cloud ready?

As companies prepare to migrate to the cloud, they need to review their IT governance strategy before making any decisions to ensure there won't be any issues later. Continue Reading
By
- Scott Cameron
Guest Post 22 Sep 2020
Ensuring your cybersecurity teams are helping the business

Business leaders need to review how they're handling cybersecurity oversight. Are leaders asking the right questions and understanding how their cybersecurity program currently works? Continue Reading
By
- Nick Vigier
Guest Post 06 Aug 2020
The contradiction of post COVID-19 risk management

Security vs. usability is always a constant struggle for security teams. The rapid change to remote access during the pandemic has forced companies to revisit their risk management approach. Continue Reading
By
- Jonathan Couch
Tip 24 Mar 2020
How to write an RFP and statement of work for an IT services contract

Master how to write an RFP and statement of work to get the IT services you need using these best practices from consulting firm ClearEdge Partners. Continue Reading
By
- Mary K. Pratt
Tip 13 Jun 2019
4 steps to remain compliant with SOX data retention policies

Data retention policy is inherent to Sarbanes-Oxley Act compliance. In this tip, learn SOX data retention best practices to remain regulatory compliant. Continue Reading
By
- Judith Myerson
Feature 17 Apr 2018
Tackling security debt: The role of risk register, patch management

In this Q&A, Akamai's Dave Lewis offers pointers on how to address security debt and also discusses how organizations can avoid incurring such debt. Continue Reading
By
- Mekhala Roy
Definition 01 Feb 2013
business continuity management (BCM)

Business continuity management (BCM) is a framework for identifying an organization's risk of exposure to internal and external threats. Continue Reading
By
- Karen Goulart
Quiz 15 Aug 2011
Test your social media risk management IQ: A SearchCompliance.com quiz

Proliferating social networks have cast a spotlight on social media risk management. Take our quiz to find out if you are up to speed on social media. Continue Reading
By
- SearchCompliance.com Staff
Definition 07 Mar 2011
control framework

A control framework is a data structure that organizes and categorizes an organization’s internal controls, which are practices and procedures established to create business value and minimize risk. Continue Reading
By
- TechTarget Contributor
Feature 22 Jun 2009

Chapter excerpt: Decision-making processes and IT governance

Find out how sound decision-making processes form the foundation of IT governance policies by allocating decision rights and accountability. Continue Reading
Definition 12 Mar 2009
Electronic Communications Privacy Act (ECPA)

The Electronic Communications Privacy Act (ECPA) is a United States federal statute that prohibits a third party from intercepting or disclosing communications without authorization. Continue Reading
By
- TechTarget Contributor
Definition 29 Jan 2009
Fair Credit Reporting Act (FCRA)

The Fair Credit Reporting Act (FCRA) is United States federal legislation that promotes accuracy, fairness and privacy for data used by consumer reporting agencies. Continue Reading
By
- TechTarget Contributor
Definition 06 Mar 2008
FFIEC compliance (Federal Financial Institutions Examination Council)

FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC)... (Continued) Continue Reading
By
- TechTarget Contributor