French Caldwell

A member of the Gartner Blog Network

Entries Categorized as 'compliance'


Court to Google: “Fogettaboutit” – Courts Will Make Technology Policy

by French Caldwell  |  May 13, 2014  |  2 Comments

Today, the European Court of Justice ruled that Google, and by implication other search engines, must allow for individuals to have certain personal data blocked from search results.  The case involved a Spanish national who wished to have personal data involving a foreclosure 16 years ago, an issue that has long since been resolved, removed […]

2 Comments »

Category: compliance public policy     Tags: , , ,

The Best Guarantors of Brand and Reputation Are Good People

by French Caldwell  |  May 1, 2014  |  2 Comments

Last week my colleagues Andrew Walls, Stessa Cohen and I published the “Regulated Social Media Survival Guide.”  While not all enterprises have strict regulations that limit how they can use social media, all do have in common the need to manage risk to brand and reputation.  I’ve been at the MetricStream GRC Summit today and […]

2 Comments »

Category: compliance ethics Risk Management Social Technology     Tags: , , , , , ,

#RSAC Buzz — Regulators Raising the Bar on Vendor Risk Management

by French Caldwell  |  February 27, 2014  |  2 Comments

  I went to the RSA conference once  — it was really busy and hearing from my buddies at the front, it’s now busier than ever.  So much for the boycott, eh? A lot of my security buddies are at RSA this week, and are broadcasting the buzz back to the rest of us here […]

2 Comments »

Category: Cloud compliance Cybersecurity Risk Management Third Party Risk Management Vendor Contracts     Tags: , , ,

WhiteHouse Announces PTO Will #Crowdsource Patent Review in Anti-Troll Initiative

by French Caldwell  |  February 21, 2014  |  1 Comment

As part of its anti-patent troll initiative, the White House announced a new crowdsourcing initiative at PTO.  Should be interesting.  Is government by the people taking on new expanded meaning and moving beyond representative democracy? The idea of crowdsourcing patent review was tested on a few hundred patents already.  PTO used Stack Exchange to test […]

1 Comment »

Category: compliance Crowdsourcing Legal IT public policy Social Technology     Tags: , , ,

Happy #GIGD, the Problem with Twitter, and Where’s the Love for Info Gov?

by French Caldwell  |  February 20, 2014  |  1 Comment

Global Information Governance Day — who knew.  Not I, and I must apologize to those who take such industry observance days seriously — which I don’t — but I forgot to bring flowers or a bottle of wine or something.  What’s really appropriate for #GIGD anyway? Not that information governance is not a serious subject, […]

1 Comment »

Category: compliance Legal IT     Tags:

A Revolution in GRC Affairs at Gartner (or burning the EGRC mq)

by French Caldwell  |  February 4, 2014  |  3 Comments

Gartner’s coverage of vendors in the GRC marketplace is about to change.  The main reason for the change, as noted in the most recent Enterprise Governance, Risk and Compliance Platforms Magic Quadrant, is that GRC solutions buyers are shifting away from a platform-centric approach to one focused on targeted solutions for specific use cases. A […]

3 Comments »

Category: Applications compliance GRC IT Governance Risk Management     Tags: , , , ,

To Improve Cloud Security, by 2020, Enterprises Will Fire Senior Managers

by French Caldwell  |  January 17, 2014  |  1 Comment

I came across a survey report last week from security and investigations service firm Stroz-Freiberg that highlights the fundamental tenet of effective compliance and risk management – tone at the top.   The survey of 764 information workers shows that senior managers are the worst offenders when it comes to using personal cloud services to manage […]

1 Comment »

Category: Cloud compliance IT Governance Risk Management     Tags:

New FFIEC Guidance on Social Media Risk Management Effective Immediately

by French Caldwell  |  December 13, 2013  |  1 Comment

The final guidance from the FFIEC on social media risk management for financial institutions has been promulgated.  It is effective immediately.  As I mentioned earlier this year, regulatory guidance of this sort is not optional. I did a study recently on the public comments for my doctor in law and policy program at Northeastern University– […]

1 Comment »

Category: Cloud compliance GRC public policy Risk Management Social Technology     Tags: , , ,

Compliance and Risk Hiring to Be Hot in 2013

by French Caldwell  |  February 6, 2013  |  Comments Off

Even as the economic recovery gains momentum, risk management and compliance are still growing in importance.  This trend should continue until there is a shift politically and culturally toward deregulation.  In the Gartner CEO survey, regulatory risk was ranked as the number one business risk, and in the Gartner Forbes Board survey, risk management, legal […]

Comments Off

Category: compliance Legal IT Risk Management     Tags:

SMAC in the Middle of the Nexus at LegalTech

by French Caldwell  |  January 30, 2013  |  Comments Off

I’m on the road this week — first Boston for client visits and then PwC’s industry analyst summit, and now New York for a day at the LegalTech conference.  What struck me most with PwC is how they were talking SMAC — the convergence of social, mobile, analytic and cloud technologies — what Gartner calls […]

Comments Off

Category: Cloud compliance Legal IT Social Technology     Tags: