ORX surveys firms to find controls and indicators for cyber risk
- 29 October 2019
We are currently surveying financial firms to find out what key controls and indicators they are using to manage cyber and information security risk. This survey is being done as part of our cyber and information security risk (CISR) programme, which is looking at how ORX can support firms in managing this risk. We’re pleased to say that we now have cyber and information security experts from more than 45 financial institutions around the world taking part in the programme.
In this survey, we are capturing information on the key controls, indicators and external standards or frameworks that support cyber and information security risk management activities. This is an area that the cyber programme participants showed lots of interest in. Collecting this data will allow companies involved in the programme to see how they compare to each other.
This survey is just one part of the work that we have done so far on cyber and information security risk. Working closely with the expert working group, we have also agreed and produced the definitions which are being used throughout the initiative (download your copy here). In addition to this, we have worked with participants to explore cyber and information security risk management roles and responsibilities. This looked at reporting lines and how the roles and responsibilities are split across the three lines of defence. The results of that survey are now available for you to read.