In a matter of seconds, generative artificial intelligence (AI) can draft a reasonably passable information security policy for an organization. The policy will look much like the thousands of publicly available policies found on the Internet. It will likely contain the generally accepted elements of a mature information security program: risk assessment, a categorical listing of primary security controls, a section on incident response, and further sections on employee obligations and training.
The policy will likely also contain a placeholder, such as "[Company Name]," where the organization should, at minimum, customize the policy to reflect that it has been evaluated, approved, and adopted by organization. There is risk in such ease of access to prefabricated policies, however.
Even before the Google transformer paper was published in 2017, giving rise to the recent explosion in large-language-model AI solutions, data protection policies were widely available on the Internet and just as widely cribbed by organizations looking for a good example from which to start, or in certain cases, end.
Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.
Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
- Informative weekly newsletter featuring news, analysis, real-world case studies, and other critical content
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
*May exclude premium content© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
