Every year, NASCIO conducts a survey of the state CIOs to identify the top policy and technology issues facing state government. For 2022, a section was added to the survey that addresses enterprise risk management and state CIOs were asked to pick their top enterprise risks.

Risk 1 – Cybersecurity

Cybersecurity risks including data protection, insider threats, third-party resources as outsourcing increases, ransomware, identity theft, and unauthorized access to state government sources were considered the top enterprise risk for state CIOs.

Risk 2 – Technology Risk

IT infrastructure management, IT maturity, information asset management, cloud portfolio, AI and machine learning, and more were also considered major risks for state CIOs

Risk 3 – Operational Risk

Operational activities including policies, procurement, vendor management, physical security, business continuity, disaster recovery, and unauthorized access to a service can also pose a risk.

Risk 4 – External Risk

External factors can also pose a risk such as supply chains, utility disruption, inflation, economic risks, global pandemic, and workplace violence. 

Risk 5 РEnterprise Project Management 

A lack of effective project management can result in failed projects, late projects, irrelevant projects, lack of effective independent verification & validation, lack of qualified project management discipline, lack of self-correcting governance, and a lack of procurement process risks.

Risk 6 – Compliance Risk

Federal regulatory audits, state regulatory audits, contract compliance assurance, administrative regulations, and other compliance activities can become a risk for state CIOs.

Risk 7 – Financial Risk

Improper financial management can pose a huge risk to the enterprise and can impact budget management, valuation, liquidity, inadequate economic resilience, and more. The Proven Optics Financial Management Application Suite enables State IT organizations to automate budgeting, cost modeling, and invoicing/chargeback on the ServiceNow platform to mitigate this risk and transform the customer experience with IT. Check out our solutions on the ServiceNow Store today.

Risk 8 – Reputational Risk

A company’s reputation can be hindered by data breaches, lawsuits, fraud, and scandal which can create risk.

Risk 9 – Strategic Risk

There is strategic risk related to support of local government and investing in innovation.

Risk 10 – Workforce and Labor Risk

Human capital management, labor shortage, IT staffing and vendor personnel risk, recruitment and retention of employees, and other workforce-related areas can also pose a risk for state CIOs.

To access the full PDF, click here.