Shadow Policies: Increasing Legal Exposure & Liability
Are you scared of shadows? You should be, as they can cause serious legal, operational, compliance, risk, brand/reputation, and integrity liability.
For the past several years organizations have been battling shadow IT. This is the use of information technology applications, devices, software, technology, and services within departments and bypassing IT and without their approval. Shadow IT has grown significantly over the past several years with the adoption of cloud-based applications and services. It introduces serious risk exposure to your organization through data breaches and potential compliance violations.
The risk of shadow policies is growing with organizations coming out of lockdown.
Now there is a new shadow to be scared of: shadow policies. These are rogue policies that are being written at all levels of the organization without proper review and approval. This puts the organization at significant risk to legal liability and exposure . . .
[THE REST OF THIS ARTICLE CAN BE FOUND ON THE NAVEX GLOBAL BLOG WHERE GRC 20/20’S MICHAEL RASMUSSEN IS A GUEST AUTHOR]