First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Adopting written cybersecurity policies

Collaboration between the business risk and IT security teams

Take each of your business objectives and plans. Now, figure out what might result from a technology-related failure (noting that ‘technology’ extends beyond the IT function). Then, what are you going to do about it?


, , , , , ,

Cybersecurity governance and D&O liability

The assessment of a corporation’s cyber risks is part of a board of directors’ general risk oversight responsibilities. Since lawsuits, including class actions, are often commenced soon after a data breach, directors and officers should now consider that the board’s oversight of cyber risks may also be closely and thoroughly scrutinized in future litigation and […]


, , , , , , , , , , , , , ,