治理日益增长的重要性并不令人意外, as this seemingly dry topic grows in relevance due to fundamental changes in the economy, emerging technologies, and broader societal trends, 所有这些都会影响到整个人口. One reason for the growing importance of governance is an outcome of changes in the way information is created, distributed, and consumed. Another reason is the outcome of increasingly complex societal issues needing to be addressed. But possibly the greatest driver of this is that citizens and consumers are more informed and engaged than ever, 并要求提高透明度, accountability, 以及参与影响他们的决策过程. This surge in importance is further accentuated by the complex interconnectedness of various elements at play in our day-to-day world.
From an IT perspective, various forms of governance are relevant for analyzing governance trends. 其中包括公司治理, IT governance, data governance, and more recently, AI governance (Figure 1).
图1:一些不同形式的治理之间的关系
Figure 1 encapsulates:
- Risk, by the entirety of enterprise governance (also highlighting why the CRO should report to the CEO)
- Security, in IT governance e.g. 通过防火墙和数据治理e.g. by ACL management
- Privacy, in IT governance e.g. 通过pet和数据治理e.g. by consent management
- Audit, in conformance (compliance) and also by means of overall enterprise risk control effectiveness
One way of gathering global governance trend information is to use Google Trends data as a guide to identifying relevant Google search activity in 2023, 以及识别搜索中快速和相关变化的领域. 该活动于2023年11月8日进行(图2).
The outcome of the analysis suggests that data governance is the most dominant governance topic in north America, parts of south America, parts of Europe, and Russia, 而公司治理一直是非洲的主要话题, Oceania, China, and southeast Asia. IT governance is the 3rd highest governance topic, 南部非洲对此主题最感兴趣, Australia, the Indian subcontinent, and Canada.
Figure 2: The search volumes of the in-scope governance forms are dominated by searches for data governance and corporate governance. Source: Google Trends
The following is a summary - in descending order - of the top governance searches and search trends:
2023年全球治理热门搜索:
- Corporate Governance: Description of corporate governance, ethics, risk, and social responsibility
- IT治理:对IT治理的描述, relationship to data governance, 与公司治理的关系
- Data Governance: Description of data governance, relationships to data management, and frameworks
- 人工智能治理:与数据治理的关系, description of AI governance, 与公司治理的关系, 以及与IT治理的关系
It is clear that the search for definitions - always topical in data and IT - continues in governance. 2023年全球治理搜索趋势如下:
- Corporate Governance: OSFI (Office of the Superintendent of Financial Institutions, Canada), 国际财务报告准则(IFRS), and ESG (Environmental, Social, and Governance)
- IT和数据治理:生成式人工智能
- 人工智能治理:生成式人工智能、ChatGPT和Bard
生成式人工智能成为IT界的一个突出主题, data, and AI governance, indicating widespread interest in the oversight of content-creating AI technologies and solutions. Furthermore, IT治理之间的关系, data governance, and corporate governance, is a strong theme, 突出了治理的集成性质,如图1所示. 根据这种基于搜索的趋势分析,出现了五种治理趋势:
- Governance Interrelationships
- Generative AI Impact
- 数据治理框架和管理
- Regulatory Compliance and Reporting based on the increased scrutiny and emphasis on regulatory compliance. An explanation for OSFI emerging as a trend (it is Canada-specific) could be that the OSFI site provides good general-purpose corporate governance information
- Environmental, Social, and Governance (ESG) based on the renewed focus on ESG in corporate governance
There are practical implications of these trends in the workplace for holders of each of the major ISACA certifications:
Figure 3: How the skills learned within some of ISACA’s major certifications support the trends
| CRISC | CISA | CISM | CGEIT | CDPSE | |
| ESG | Creating a broader understanding of enterprise risk impact by including ESG factors | 审计,确保esg相关数据的完整性 | Integrating ESG data sourcing and data access into information security strategies | 确定IT战略和公司ESG目标之间的一致性 | Solving for the privacy implications of ESG-related data, especially where individuals are involved |
| Tech Integration | 整合聚合技术风险(例如.g., including generative AI chatbots into business operations) into risk management | Auditing the amplified risk impact of technology convergence both operationally and for security | 在融合技术的背景下管理信息安全 | 通过有效的IT治理使技术与业务目标保持一致 | Incorporating technology convergence considerations into data privacy solutions |
| Generative AI | Understanding and managing risks of AI implementation, including generative AI | 审核AI系统,确保可靠性、安全性和合规性 | Securing information systems against emerging threats, including generative AI | 使人工智能治理与整体IT治理保持一致 | 解决生成人工智能的隐私影响和伦理使用 |
| Data | 强调数据在风险管理中的关键作用, 强调健壮的数据治理框架 | 确保数据治理控制的有效性 | 保护数据资产并与数据治理原则保持一致 | 将数据治理与整体IT治理结合起来 | 解决所有关键的数据保护问题 |
| Regulatory Compliance | 理解和管理与法规遵从性相关的风险 | Auditing and ensuring compliance with relevant security and data protection regulations | Developing and implementing information security programs aligned with regulatory requirements | 确保IT实践符合适用的法律法规 | 根据法例要求管理资料私隐 |
In conclusion, there are five clear governance areas that deserve focus in 2024 based on an integrated analysis of the search trends in four categories of governance, 对ISACA的各种认证持有者具有实际意义.
If the analysis extends to governance in general, then a few other factors emerge. For example, there is a major trend over the same timeframe with respect to related searches for the Organization for Economic Cooperating and Development (OECD), possibly given the OECDs role in promoting good governance practices in partner countries (there are 38). 紧随其后的是世界银行和电子政府的相关搜索趋势.
图4:过去10年对“ESG”一词的搜索兴趣. Source: Google Trends
The greatest overall search trends in a general governance context seems to be with respect to the governance implications of ESG, sustainability, socially responsible investing, 和MSCI(一家提供e.g.、面向投资者的ESG和气候产品). 自2019年以来,这一数字一直呈上升趋势,尽管似乎已经见顶.
For ISACA certification holders, 不管治理趋势如何, the skills gained place you well with respect to being career-competitive in the context of those trends as Figure 3 shows.
