治理日益增长的重要性并不令人意外, as this seemingly dry topic grows in relevance due to fundamental changes in the economy, 新兴技术, 更广泛的社会趋势, 所有这些都会影响到整个人口. One reason for the growing importance of governance is an outcome of changes in the way information is created, 分布式, 和消费. Another reason is the outcome of increasingly complex societal issues needing to be addressed. But possibly the greatest driver of this is that citizens and consumers are more informed and engaged than ever, 并要求提高透明度, 问责制, 以及参与影响他们的决策过程. This surge in importance is further accentuated by the complex interconnectedness of various elements at play in our day-to-day world.
From an IT perspective, various forms of governance are relevant for analyzing governance trends. 其中包括公司治理, IT治理, 数据治理, 最近, AI治理(图1).
图1:一些不同形式的治理之间的关系
图1封装了:
- 风险, by the entirety of enterprise governance (also highlighting why the CRO should report to the CEO)
- IT治理中的安全性.g. 通过防火墙和数据治理e.g. 按ACL管理
- 隐私,在IT治理e.g. 通过pet和数据治理e.g. 同意管理
- 审计, in conformance (compliance) and also by means of overall enterprise risk control effectiveness
One way of gathering global governance trend information is to use Google Trends data as a guide to identifying relevant Google search activity in 2023, 以及识别搜索中快速和相关变化的领域. 该活动于2023年11月8日进行(图2).
The outcome of the analysis suggests that 数据治理 is the most dominant governance topic in north America, 南美洲部分地区, 欧洲部分地区, 和俄罗斯, 而公司治理一直是非洲的主要话题, 大洋洲, 中国, 和东南亚. IT治理是第三个rd 最高治理主题, 南部非洲对此主题最感兴趣, 澳大利亚, 印度次大陆, 和加拿大.
Figure 2: The search volumes of the in-scope governance forms are dominated by searches for 数据治理 公司治理. 来源:Google Trends
The following is a summary - in descending order - of the top governance searches and search trends:
2023年全球治理热门搜索:
- Corporate 治理: Description of corporate governance, ethics, risk, and social responsibility
- IT治理:对IT治理的描述, 与数据治理的关系, 与公司治理的关系
- Data 治理: Description of 数据治理, relationships to data management, and frameworks
- 人工智能治理:与数据治理的关系, 人工智能治理描述, 与公司治理的关系, 以及与IT治理的关系
It is clear that the search for definitions - always topical in data and IT - continues in governance. 2023年全球治理搜索趋势如下:
- Corporate 治理: OSFI (Office of the Superintendent of Financial Institutions, 加拿大), 国际财务报告准则(IFRS), 和环境、社会和治理(环境), 社会, 和治理)
- IT和数据治理:生成式人工智能
- 人工智能治理:生成式人工智能、ChatGPT和Bard
生成式人工智能成为IT界的一个突出主题, data, 和人工智能治理, indicating widespread interest in the oversight of content-creating AI technologies and solutions. 此外, IT治理之间的关系, 数据治理, 公司治理, 是一个强有力的主题, 突出了治理的集成性质,如图1所示. 根据这种基于搜索的趋势分析,出现了五种治理趋势:
- 治理的相互关系
- 生成式AI影响
- 数据治理框架和管理
- 法规遵从性 and Reporting based on the increased scrutiny and emphasis on regulatory compliance. An explanation for OSFI emerging as a trend (it is Canada-specific) could be that the OSFI site provides good general-purpose corporate governance information
- 环境, 社会, and 治理 (环境、社会和治理) based on the renewed focus on 环境、社会和治理 in corporate governance
There are practical implications of these trends in the workplace for holders of each of the major ISACA certifications:
Figure 3: How the skills learned within some of ISACA’s major certifications support the trends
| CRISC | 中钢协 | CISM | CGEIT | CDPSE | |
| 环境、社会和治理 | Creating a broader understanding of enterprise risk impact by including 环境、社会和治理 factors | 审计,确保esg相关数据的完整性 | Integrating 环境、社会和治理 data sourcing and data access into information security strategies | 确定IT战略和公司环境、社会和治理目标之间的一致性 | Solving for the privacy implications of 环境、社会和治理-related data, especially where individuals are involved |
| 技术集成 | 整合聚合技术风险(例如.g., including generative AI chatbots into business operations) into risk management | 审计ing the amplified risk impact of technology convergence both operationally and for security | 在融合技术的背景下管理信息安全 | 通过有效的IT治理使技术与业务目标保持一致 | Incorporating technology convergence considerations into data privacy solutions |
| 生成的人工智能 | Understanding and managing risks of AI implementation, including generative AI | 审核AI系统,确保可靠性、安全性和合规性 | Securing information systems against emerging threats, including generative AI | 使人工智能治理与整体IT治理保持一致 | 解决生成人工智能的隐私影响和伦理使用 |
| Data | 强调数据在风险管理中的关键作用, 强调健壮的数据治理框架 | 确保数据治理控制的有效性 | 保护数据资产并与数据治理原则保持一致 | 将数据治理与整体IT治理结合起来 | 解决所有关键的数据保护问题 |
| 法规遵从性 | 理解和管理与法规遵从性相关的风险 | 审计ing and ensuring compliance with relevant security and data protection regulations | Developing and implementing information security programs aligned with regulatory requirements | 确保IT实践符合适用的法律法规 | 根据法例要求管理资料私隐 |
总之, there are five clear governance areas that deserve focus in 2024 based on an integrated analysis of the search trends in four categories of governance, 对ISACA的各种认证持有者具有实际意义.
If the analysis extends to governance in general, then a few other factors emerge. 例如, there is a major trend over the same timeframe with respect to related searches for the Organization for Economic Cooperating and Development (OECD), possibly given the OECDs role in promoting good governance practices in partner countries (there are 38). 紧随其后的是世界银行和电子政府的相关搜索趋势.
图4:过去10年对“环境、社会和治理”一词的搜索兴趣. 来源:Google Trends
The greatest overall search trends in a general governance context seems to be with respect to the governance implications of 环境、社会和治理, 可持续性, 社会责任投资, 和MSCI(一家提供e.g.、面向投资者的环境、社会和治理和气候产品). 自2019年以来,这一数字一直呈上升趋势,尽管似乎已经见顶.
适用于ISACA认证持有者, 不管治理趋势如何, the skills gained place you well with respect to being career-competitive in the context of those trends as Figure 3 shows.
