• Demonstration of knowledge of the issues and evidence of wide reading to support your analysis
• Demonstration of your ability to apply the knowledge to identify keys issues leading to your recommendations
• Evidence of sound reasoning and the exercise of professional judgement to support your recommendations
Development and statement of concise recommendations for presentation to the Chairman
• Overall structure and professional presentation of your report to the Chairman
High quality written communication of concepts and terms as the Chairman can be assumed to be professionally competent in corporate governance
Countering cyber risk presents a significant strategic challenge to leaders across industries and sectors but one that they must surmount in order to take advantage of the opportunities presented by the vast technological advances in networked technology that are currently in their early stages. Over the past decade, we have significantly expanded our understanding of how to build secure and resilient digital networks and connected devices. However, board-level capabilities for strategic thinking and governance in this area have failed to keep pace with both the technological risks and the solutions that new innovations provide.
Boards have a vital governance function, determining overall company behaviour and setting a company’s risk appetite. For boards, action means effectively exercising oversight by asking managers the right questions to ensure that the boards’ strategic objectives are met. This function is no different in the area of cyber resilience. By offering the following principles and tools, the Forum hopes to facilitate useful dialogue between boards and the managers they entrust with the operation of the companies to which they owe their fiduciary obligations.’
Source: World Economic Forum (2017), Advancing Cyber Resilience: Principles and Tools for Boards, http://www3.weforum.org/docs/IP/2017/Adv_Cyber_Resilience_Principles- Tools.pdf
Assume you have been employed as a corporate governance consultant by a company listed on the Australian Stock Exchange and ranked within the ASX200. TheChairman of the company has decided to address the issue of cyber security at the company board level.
As an initial step in the process of improving the cyber resilience of the company the Chairman has employed you to prepare a report that critically analyses how the company can best integrate its cyber security and resilience protocols to ensure continued corporate survival and improved business performance. The Chairman has requested that you submit a report providing examples of best practice and a clear set of recommendations on how the company should initiate a cyber resilience policy at the corporate board level. Your report will be tabled at the next board meeting for board members to review and evaluate your recommendations.