Policy management relevant to data exchanges with third parties. How are you doing it and who is responsible for enforcing and maintaining those policies?

1.5k views2 Comments

Sort by:

Global Chief Cybersecurity Strategist & CISO in Healthcare and Biotecha year ago

Really have seen the shift away from CIO to General Counsel/CCO.

Field Chief information Security Officer (CISO) for Public Sector & Client Advisor in Finance (non-banking)a year ago

In the public sector, especially in state and local governments, this policy management role has traditionally been under the Chief Information Officer (CIO). In many cases there has been a policy team that works with the procurement organization(s) that ensure that the right contract language is contained in statements of work and requests for proposals.

Also, governance and enforcement of compliance with these policies and industry standards has been under the CISO, CTO, Chief Privacy Officers (CPOs) and other tech leaders who also ensure that policies, standards are procedures are up-to-date and relevant.

That being said, many public sector organizations are adding Chief Data Officers (CDOs) that do not necessarily report to the CIO. In some cases, these CDOs are in business areas or report to other senior leaders.

Content you might like

If you’ve worked with mobile applications and have experience scanning code, either for vulnerabilities or to ensure best practices, what tools or solutions would you recommend for iOS and Android platforms?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

What steps do you typically take when you notice a security team member becoming less and less engaged? How do you approach them to diagnose/address the issue?

How many direct reports away from the CEO is the senior-most security executive?

Direct report11%

125%

233%

318%

49%

>51%

View Results

Do you believe that (RPA, Automation, and intelligent Automation), coupled with clear guidelines, robust process mapping, and effective monitoring and control capabilities, can serve as a key enabler for successfully integrating AI and GenAI into an organization's operations and strategies?

Strongly Agree29%

Agree63%

Disagree10%

Strongly Disagree1%

View Results

Policy management relevant to data exchanges with third parties. How are you doing it and who is responsible for enforcing and maintaining those policies?

Sort by:

Content you might like

If you’ve worked with mobile applications and have experience scanning code, either for vulnerabilities or to ensure best practices, what tools or solutions would you recommend for iOS and Android platforms?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

What steps do you typically take when you notice a security team member becoming less and less engaged? How do you approach them to diagnose/address the issue?

How many direct reports away from the CEO is the senior-most security executive?

Do you believe that (RPA, Automation, and intelligent Automation), coupled with clear guidelines, robust process mapping, and effective monitoring and control capabilities, can serve as a key enabler for successfully integrating AI and GenAI into an organization's operations and strategies?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

Data-Driven Customer Experience: Uniting D&A and CX Teams

2024 Marketing Priorities and Challenges: Insights from the Field

Data and Analytics Priorities and Challenges: 2024 Trends

Generative AI and Software Engineering Teams: Adoption and Training

Take Your Insights On-the-Go