7 Risk Management Rules for CIOs:
1. Establish risk appetite for alignment with IT strategy.
2. Maintain a comprehensive application inventory to mitigate risks.
3. Adopt a proactive cybersecurity culture and measures.
4. Formalize risk management in daily operations for clarity.
5. Assess risk strategies against real-world incidents.
6. Focus on system resiliency and recovery capabilities.
7. Align IT risk management with business objectives for better resource allocation.
https://www.cio.com/article/3954997/7-risk-management-rules-every-cio-should-follow.html