Report - December 2020
In collaboration with Deloitte, we carried out a survey to help financial firms understand how their peers are approaching and overcoming some of the key challenges and barriers to enable effective risk reporting.
This study identifies what constitutes effective and mature cyber and information security risk reporting. It also explores how operational risk teams can overcome some of the associated challenges. Twenty-nine members from the ORX cyber and information security risk (CISR) community responded to the survey.
The full report, detailing all our findings and analysis is available exclusively to our members, but we've also created a summary report with some of the highlights which is available to download for free.
What does the report cover?
The report focuses on cyber and information security risk reporting to the Board and corporate committee. It looks at a number of key areas including:
- What is reported to the Board
- Why these things are reported
- How the reports are created
- The level of Board awareness of CISR
- How reporting will develop in the future
Gated content start
Gated content stop
Disclaimer: ORX has prepared this resource with care and attention. ORX does not accept responsibility for any errors or omissions. ORX does not warrant the accuracy of the advice, statement or recommendations in this resource. ORX shall not be liable for any loss, expense, damage or claim arising from this resource. The content of this resource does not itself constitute a contractual agreement, and ORX accepts no obligation associated with this resource except as expressly agreed in writing. ©ORX 2023
Head of Services, ORX