Cyber Risk Board Reporting Study 2020
- 18 December 2020
Are you an ORX Member? Log in here to read the full report (check if your firm is a member)
Effective reporting of cyber and information security risk to Board and Corporate Committees
In collaboration with Deloitte, we carried out a survey to help financial firms understand how their peers are approaching and overcoming some of the key challenges and barriers to enable effective risk reporting.
This study identifies what constitutes effective and mature reporting and aims to understand how some of the challenges have been successfully overcome. Twenty-nine members from the ORX cyber and information security risk (CISR) community responded to the survey.
The full report, detailing all our findings and analysis is available exclusively to our members on the members-only website, but we've also created a summary report with some of the highlights which you can download for free.
What does the report cover?
The report focuses on cyber and information security risk reporting to the Board and corporate committee. It looks at a number of key areas including:
- What is reported to the Board
- Why these things are reported
- How the reports are created
- The level of Board awareness of CISR
- How reporting will develop in the future
Download the free summary report for insights and analysis on these areas and more to help you understand industry approaches to effective cyber risk reporting.
ORX Cyber: A guiding light for cyber risk management
Is your organisation trying to manage cyber risk in the dark without the right data and industry insights? We created ORX Cyber to help you solve these challenges.
ORX Cyber, a new service launching in 2021, is designed specifically for cyber and information security risk professionals in the second line of defence. Subscribe to ORX Cyber to:
- Access cyber and information security event data
- Understand your risk exposure
- Improve your practice
- Get insights into the latest industry trends
- Become part of a global community focused on cyber risk management