GovWhitePapers Logo

Sorry, your browser is not compatible with this application. Please use the latest version of Google Chrome, Mozilla Firefox, Microsoft Edge or Safari.

Risk Management / Regulatory content

Insider Risk 2025 Update: From Quiet Concern to Strategic Priority

Insider Risk 2025 Update: From Quiet Concern to...

The Insider Risk Working Group met to discuss the evolving landscape of insider risk management within Federal agencies, the supporting defense industrial base (DIB), and commercial organizations. The discussion explored…

Learn More
How Blockchain Supports Key Government Priorities

How Blockchain Supports Key Government Priorities

Blockchain is transforming how government agencies approach transparency, efficiency, and security. By enabling real-time tracking of transactions and automating processes like tax collection and benefits distribution, blockchain can help build…

Learn More
Weapon Systems Annual Assessment

Weapon Systems Annual Assessment

GAO’s latest assessment finds the Department of Defense continues to fall short on delivering advanced weapon systems quickly and cost-effectively. Many programs using acquisition pathways designed for speed instead suffered…

Learn More
Protecting Critical Infrastructure Through Prosecution

Protecting Critical Infrastructure Through...

This report explores how criminal prosecution can be a powerful tool for protecting U.S. critical infrastructure against cyber and physical threats. Using the example of the Flax Typhoon botnet takedown,…

Learn More
Artificial Intelligence in the Fire Service

Artificial Intelligence in the Fire Service

As artificial intelligence continues to transform public safety, the fire service stands to gain powerful new tools—but only if AI is implemented responsibly. This NIST publication explores how AI can…

Learn More
Metrics and Methodology for Hardware Security Constructs

Metrics and Methodology for Hardware Security...

Despite hardware’s reputation for being secure, this NIST paper reveals how flaws introduced during design or manufacturing can lead to serious vulnerabilities. It introduces a scalable methodology for mapping hardware…

Learn More
Cybersecurity: Network Monitoring Program Needs Further Guidance and Actions

Cybersecurity: Network Monitoring Program Needs...

Federal agencies are making strides in reducing cybersecurity risks thanks to the Continuous Diagnostics and Mitigation (CDM) program, but significant gaps remain. While CDM has improved agencies’ ability to respond…

Learn More
Anticipating AI’s Impact on the Cyber Offense-Defense Balance

Anticipating AI’s Impact on the Cyber...

As artificial intelligence becomes more embedded in cybersecurity, its influence on the offense-defense balance is growing—but in unpredictable ways. AI could strengthen defenders by automating patching, hardening networks, and identifying…

Learn More
Caregiving: HHS Should Clarify When Youth May Qualify for Support Services

Caregiving: HHS Should Clarify When Youth May...

The GAO reviewed how the Department of Veterans Affairs manages its healthcare providers’ professional credentials and found notable weaknesses. Thousands of providers had expired or potentially invalid licenses, which could…

Learn More
Securing AI: Addressing the OWASP Top 10 for Large Language Model Applications

Securing AI: Addressing the OWASP Top 10 for Large...

As artificial intelligence systems become more embedded in critical infrastructure and decision-making, securing them is no longer optional. This report breaks down the top 10 security vulnerabilities facing large language…

Learn More
Ceres 10-Point Plan for the Insurance Industry

Ceres 10-Point Plan for the Insurance Industry

The Ceres 10-point plan provides a comprehensive roadmap for insurers, regulators, local governments, community groups, and investors to collaborate on ensuring the industry’s resilience. By taking bold action, embracing innovation,…

Learn More
Navigating Climate Risks: Progress and Challenges in U.S. Insurance Sector Disclosures

Navigating Climate Risks: Progress and Challenges...

This report is the second annual analysis Ceres has conducted of major U.S. insurers’ climate risk strategies by examining the disclosures companies are making under the National Association of Insurance…

Learn More
Driving Efficient Acquisition of Artificial Intelligence in Government

Driving Efficient Acquisition of Artificial...

As federal agencies ramp up AI adoption, this OMB memorandum outlines how to responsibly and efficiently acquire AI systems while safeguarding privacy, civil liberties, and public trust. It emphasizes minimizing…

Learn More
Accelerating Federal Use of AI through Innovation, Governance, and Public Trust

Accelerating Federal Use of AI through Innovation,...

The Office of Management and Budget issued new guidance to accelerate federal agency adoption of AI while maintaining public trust and responsible governance. Agencies are directed to reduce bureaucratic barriers,…

Learn More
Timing of Judicial Review of Agency Action: Limiting Review After a Period of Time

Timing of Judicial Review of Agency Action:...

This report examines the legal complexities surrounding when and how judicial review of federal agency actions can be time-barred. It explores general and special statutory limitations, such as the six-year…

Learn More