Skip to content


ORX Cyber


ORX Cyber Community

Risk programme

Risk Landscape

Report - February 2021

As part of ORX’s work on cyber and information security risk (CISR), our members identified controls and indicators as a key area of challenge and were keen to gain a deeper understanding and carry out peer benchmarking. 

To address this, we launched the CISR Controls and Indicators Library, collecting and analysing cyber-related controls and indicators in operation, as well as the external control standards supporting cyber and information security management activities. The library has now developed into the ORX Cyber Controls & Indicator Benchmark.

Over the course of 2020, our members have shared information on the cyber-related controls and indicators they operate as part of their day-to-day risk management. In total, 28 banks and insurers contributed towards the development of the ORX CISR Controls and Indicators Library.

We carried out a review of the 2020 library submissions and have produced a report detailing our findings which is available for all ORX members to download.














Gated content start

This resource was produced as part of ORX Cyber

Want to access this resource?

If your firm subscribes to ORX Cyber or is an
ORX member, log in to read this resource.

Log into the ORX website

Talk to us today to discuss how you could
subscribe to ORX Cyber.

Speak to an expert

Gated content stop

About the ORX Cyber Controls and Indicators Benchmark

The ORX Cyber controls benchmark is based on the NIST framework, while the indicators benchmark is ORX’s bespoke list of cyber-related indicators in operation in the industry. It has been aligned to NIST framework functions to ensure consistency of reporting and support a more holistic view of cyber risk management.


Disclaimer: ORX has prepared this resource with care and attention. ORX does not accept responsibility for any errors or omissions. ORX does not warrant the accuracy of the advice, statement or recommendations in this resource. ORX shall not be liable for any loss, expense, damage or claim arising from this resource. The content of this resource does not itself constitute a contractual agreement, and ORX accepts no obligation associated with this resource except as expressly agreed in writing. ©ORX 2024


Helen L’Abbate

Helen L’Abbate

Head of Services, ORX

Speech bubbles icon

Get in touch

Contact us to find out more about the ORX Cyber Controls and Indicators Benchmark or to see if you can subscribe to the service.

Contact ORX