Guidance for Non-Executive Directors
There is now a higher expectation that boards have a handle on the critical risks to their business – and cyber risks are no exception. Non-Executive Directors in particular, as the independent conscience of the board, are well placed to challenge the status quo and ask probing questions in this area.
Do I really understand the cyber risks my company faces?
This guidance seeks to help Non-Executive Directors engage with board colleagues on the oversight of cyber risks. It offers Non-Executive Directors key questions to help their company prosper in the information economy age.
Cyber security can be described as the digital or human measures you can take to reduce the risk of, and harm from, theft, alteration or destruction of your company's information and information-based systems.
Information is the lifeblood of an organisation, and yet with increasing automation and the degree of interconnection of information systems, a compromise of information in one area could impact the entire organisation and its customers. Information is everywhere: from customer-facing systems (e.g. ATM, point of sale, mobile phones), to business systems (e.g. research, intellectual property, management information) and operational systems (e.g. safety, protection, process control).