Cyber security and the board’s audit and risk committee
Conclusion: Increasing emphasis in the media and in industry literature on cyber security and the risks of data breaches with service disruptions is likely to get extra attention in future from the board and their audit and risk committee (or ICT governance group).
Not only must the committee be concerned with risk prevention, astute members will also want to know how the organisation will recover from a data breach or ransomware attempt and restore the organisation’s operations, if an unexpected disruption to services occurs.
To minimise business risks, committee members must stay aware of local and international cyber security incidents, how they occurred and were addressed and what they need to do to make sure they are not replicated in their organisation.
About The Advisor
Alan Hansell is an IBRS advisor who focuses on IT and business management. Alan is able to critique and comment on IT and business management trends, ways to justify and maximise the benefits from IT-related investment, IS management development and the role of the CIO. Alan has extensive experience in IT management, consulting and advising senior managers in matters related to IT investment. He was a Director in Gartner's Executive program and adviser to over 50 CIOs and business managers and before joining Gartner a consultant with DMR Group. He also worked as an IS professional, manager and industry consultant for IBM for nearly 30 years. Alan is a CPA and Associate of Governance Institute of Australia.