
Designed specifically for board members, this session will explore the UK Cyber Governance Code of Practice, focusing on the 'Risk Management' principle of the Code (principle A) and on cyber risk practices.
The Cyber Governance Code of Practice (CGCP) was published by the UK Department for Science, Innovation and Technology, with the aim of supporting boards in governing cyber security risks. The Code sets out the most critical governance actions that directors are responsible for, forming part of the government's free support package.
Topics covered in this session will include:
- Accountability for cyber risk.
- Aligning cyber risk management with an ERM framework.
- Establishing the scope and business criticality of your technology estate.
- Assessing the impact and likelihood of a cyber incident.
- Developing a risk appetite statement.
- Approach to quantifying cyber risk.
- Evaluating the transfer of cyber risk to insurance.
- Assessing whether your suppliers are meeting your security standards.
- Overview of horizontally applicable UK regulations.