governance - Concepts
Explore concepts tagged with "governance"
Total concepts: 28
Concepts
- Inherent Risk - The level of risk present in an activity or process before any controls or mitigation measures are applied.
- Residual Risk - The level of risk that remains after risk mitigation controls and treatments have been applied.
- Quad Pattern - A documentation pattern using four complementary document types: rules, processes, requirements, and references.
- Risk Management - The systematic process of identifying, assessing, prioritizing, and mitigating risks to minimize their negative impact.
- Enterprise Risk Management - A holistic approach to managing all types of risk across an organization in an integrated and strategic manner.
- Decision-Making Power - The authority and ability to make choices that affect outcomes within organizations and systems.
- Risk Register - A structured document that records identified risks along with their analysis, treatment plans, and current status.
- Data Retention Policy - A set of rules defining how long different types of data should be kept and when they should be deleted.
- Risk Appetite - The level and type of risk an organization or individual is willing to accept in pursuit of their objectives.
- Dual-Use Dilemma - The ethical challenge that arises when technology, knowledge, or research can be used for both beneficial and harmful purposes.
- Decentralization - Distributing control, data, or operations across multiple independent nodes rather than centralizing.
- Benevolent Dictator - A governance model where a single leader retains final authority but exercises it for the collective benefit.
- Project Charter - A foundational document that formally authorizes a project and defines its scope.
- AI Guardrails - Safety constraints and boundaries built into AI systems to prevent harmful or undesired outputs.
- Accountability Principle - The requirement that organizations not only comply with data protection rules but must also demonstrate their compliance through documentation and evidence.
- Risk Tolerance - The acceptable level of variation in outcomes that an organization or individual is willing to withstand.
- Separation of Duties - A security principle requiring multiple people to complete critical tasks, preventing fraud and errors by one individual.
- Subsidiarity - The principle that decisions should be made at the lowest competent organizational level, closest to those affected.
- Security Audit - A systematic evaluation of an organization's security posture against established standards and policies.
- Operational Resilience - An organization's ability to prevent, adapt to, respond to, and recover from disruptions to continue delivering critical services.
- Four Eyes Principle - A control mechanism requiring two people to approve critical actions, preventing unilateral decisions.
- Risk Culture - The shared values, beliefs, attitudes, and behaviors within an organization that shape how risk is identified, assessed, and managed.
- Information Lifecycle Management - A comprehensive approach to managing data through all stages from creation to disposal based on its value and requirements.
- Key Risk Indicators - Quantitative metrics used to monitor and provide early warning signals about changes in risk exposure.
- BDFL - Benevolent Dictator For Life - a title for open source project leaders who retain final decision-making authority.
- AI Governance - The frameworks, policies, and oversight mechanisms that guide the responsible development, deployment, and regulation of artificial intelligence systems.
- Data Ownership - The concept of having property-like rights over data you create or that pertains to you.
- AI Safety - Research and practices ensuring AI systems are beneficial and don't cause unintended harm.