Stock illustration: Cyber criminal

In a matter of seconds, generative artificial intelligence (AI) can draft a reasonably passable information security policy for an organization. The policy will look much like the thousands of publicly available policies found on the Internet. It will likely contain the generally accepted elements of a mature information security program: risk assessment, a categorical listing of primary security controls, a section on incident response, and further sections on employee obligations and training.

The policy will likely also contain a placeholder, such as "[Company Name]," where the organization should, at minimum, customize the policy to reflect that it has been evaluated, approved, and adopted by organization. There is risk in such ease of access to prefabricated policies, however.

Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.

  • Critical Treasury & Risk information including in-depth analysis of treasury and finance best practices, case studies with corporate innovators, informative newsletters, educational webcasts and videos, and resources from industry leaders.
  • Exclusive discounts on ALM and Treasury & Risk events.
  • Access to other award-winning ALM websites including and

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.