In a world increasingly subject to digitalisation and the use of technology, an ineffective IT strategy and failing IT are amongst the most significant risks facing the boards of most organisations. The purpose of this paper is to provide a practical guide to Chief Risk Officers (CROs) and senior risk professionals active in the insurance industry on the main threats and developments in the IT landscape in which they operate, and support them to effectively measure and manage these risks in their organisations.