Risk management

Today’s CIO has a once-in-a-career opportunity to build an organization that can fulfill a very real need: that of in-house consultant. For many IT organizations, that won’t be easy, but no part of digital transformation is. For IT, it’s a complete change of mission, from one of control and gatekeeping to one of support and advice.

As organizations dive head-first into new technologies to avoid being victims of digital disruption, they’re taking on new risks that aren’t even on the radar of many auditors.

Consumers are paying attention to racial and other social justice issues now, and they’re demanding that brands do the same. Do you have your processes defined to address the issues correctly?

How do you create policies that act as guard rails, giving employees a high degree of freedom within a framework established to minimize the possibility of making a mistake?

I urge IT professionals and digital policy stewards alike, to broaden the scope of discussions to include other situations that may require a change in digital policies such as changes in technology. And here is how to get started!

Natural disasters -- hurricanes, tornados, earthquakes, etc. -- disrupt “business as usual” for both you and your customers. One way to avoid disruptions is to create sound digital policies. Let's delve into the how and what to get this done!

Knowing that sooner or later, you will need to address a data breach within your organization, fear is not the answer. Proactively preparing yourself and bringing good people into the fold to create the right proactive and response team, is the right solution.

The leadership must be committed to investing the necessary resources of time, money, human resources, and, in some cases, technology. So how do you get your management on board with digital policy aspirations?

“The views are my own and don't reflect those of my employer." is not a bulletproof statement. The views of the employee might not be those of the organization, but the employee is part of the organization, and what is said in social media reflects directly back on the organization.

We have to demand more of our leaders, and that starts with demanding more of our candidates. Their websites are about a decade behind basic digital security and privacy standards.

While I certainly don’t think it’s necessary for you to learn about things like processors and RAM, I do think it’s important to understand how the internet affects our lives both personally and as a society. Here is a resource to steer you in the right direction.

Comprehensive digital policies and practices ensure that a business complies with regulations. Counterintuitively, they also help the bottom line, unlock opportunity and streamline operations.

This is the time for companies to institutionalize (create, codify, train, hold accountable) smart and sound digital policies and practices in order to reduce digital risk and capitalize on the opportunities.

It would be nice if we could create laws before the situations they address present themselves, but the law rarely works that way. Here is how to provide digital policy guidance in an ever-changing landscape

If you’re responsible for digital governance at your organization, pay close attention to case studies of companies like Nike and Intel to learn how digital policies can be used to support, encourage, and inspire digital workers

It’s not business as usual! The rise in data protection laws is impacting your digital marketing and online operations.

Katie Quinn, the wife of Lewiston, CA's fire chief used social media to provide key information and a sense calm during the recent Carr Fire. Depending on your organizational culture, industry, and maturity, you should think twice before replicating such a governing model. Or if you do, you might want to reach out to Katie for some training!

What you need to know about the GDPR stance on automated decision-making

The 2018 World Technology Conference took place in Seattle recently and I was lucky enough to attend this mind meld event. Read on for observations and highlights.

Is your company US-based and assuming that GDPR doesn't have an impact since you don't have offices in the EU? Wrong!

All eyes have been on GDPR, but there is more to digital integrity and online risk coming our way. Pay attention to the proverbial forest as well as the trees.

Use this list to determine which digital policies you choose to create and adopt depend on variables particular to your organization.

To remain competitive in today’s market and continue to exist in the face of increasing digital and business disruption your legacy digital processes and operational models must be updated. Here's what to consider.

A primer on how to get started with digital policy development.

How can you ensure that your organization is protected and prepared when (not if!) an audit occurs?

Creating thorough digital policies is critical to capitalizing on the opportunities presented by the digital age.

Once you have identified who in your organizations should be tasked with establishing digital policy, it is time to assign official duties. I have provided a good list to get you started.

Creating and maintaining digital policies is, by nature, a team endeavor. But you also need someone to lead the team.

A good digital policy repository will enable digital workers to self-service to guidance, and you will have a higher rate of compliance.

Organizations have historically relied on IT for technical systems execution and, with the rise of websites and associated digital operations, that norm continued. So why can't IT own digital policies?

If you have an online presence, you have an online risk. And it extends way beyond publishing a blog post with an embarrassing spelling error.

Use the WanaCrypt opportunity to re-examine your approach to digital policy as well as the roles of those invested in your digital.

It is not a question of if a data breach will threaten your small business, but when.

Data security and data breaches are a big deal. Get the list of countries that have legal requirements for notification.

Today business users and digital marketers challenge their organization’s online integrity in many ways. Lawyers can help avoid the legal and regulatory landmines that pose a threat.

In using online services and products, users give up aspects of their privacy, and that seems to be acceptable up to a point. But how do you know you are not crossing that line?

Many U.S.-based companies extend their service and product reach into Canada with the assumption that our northern neighbors have the same regulatory and legal requirements. Unfortunately, this is not the case.

Stand up a functional policy program to align your organization to individual accountabilities for digital. In doing so, you can stop your organization from failing and begin to celebrate online integrity of your digital operations.

Why not look at the policies developed by other organizations and copy them?

What does it mean to have a good policy? Do you simply write out a document that checks the box or do you really consider your audience and write simple and understandable policies? Here is a quick look at what makes a policy a good one.

Is IKEA's pulling its digital catalog from its online Russian a good or bad move? Socially it may be perceived as a weakness, but what it demonstrates is especially strong digital governance.

What is your governance model and is it working? There are at least three ingredients you need to make it a success.

Is SharePoint the right tool? As long as you govern.

A few years ago, it would have been unheard of to have a Chief Digital Officer (CDO) in an organization.