Cybersecurity: What the Board of Directors Needs to Ask - PDF

The overwhelming number of cybercrime incidents has forced boards to ask strategic and thoughtful questions directed toward management and internal audit. The board needs to take a more proactive role in cybersecurity or face the possibility of lawsuits if there’s a security breach. The IIA Research Foundation, in partnership with ISACA, commissioned the research reportCybersecurity: What the Board of Directors Needs to Ask to: 

• Help directors know how they should react to a cybersecurity breach and what to do
• Understand that cybersecurity is an enterprise-wide issue, not just an IT issue
• Know what the auditor’s role is in helping the board of directors address cybersecurity

The report also outlines the National Association of Corporate Directors' (NACD’s) five principles to identify action items for the board and provides a list of top questions every board needs to ask.