Home / All Governance Resources / Questions Directors Can Ask to Assess the Board’s “Cyber-Literacy”
All Governance Resources / Questions Directors Can Ask to Assess the Board’s “Cyber-Literacy”

Future of the American Board

Blue Ribbon Commission Reports

Questionnaire

Questions Directors Can Ask to Assess the Board’s “Cyber-Literacy”

By NACD Staff

03/01/2019

Cyber Risk Technology Oversight
  1. What do we consider our most valuable assets? How does our IT system interact with those assets? Do we believe we can ever fully protect those assets?
  2. Do we think there is adequate protection in place if someone wanted to get at or damage our corporate “crown jewels”? What would it take to feel confident that those assets were protected?
  3. Are we investing enough so that our corporate operating and network systems are not easy targets for a determined hacker?
  4. Are we considering the cybersecurity aspects of our major business decisions, such as M&A, partnerships, new product launches, etc., in a timely fashion?
  5. Who is in charge? Do we have the right talent and clear lines of accountability/responsibility for cybersecurity?
  6. Does our organization participate in any of the public or private sector ecosystem-wide cybersecurity and information-sharing organizations?
  7. Is the organization adequately monitoring current and potential cybersecurity-related legislation and regulation?
  8. Does the company have insurance that covers cyber events, and what exactly is covered?
  9. Is there director and officer exposure if we don’t carry adequate insurance?
  10. What are the benefits beyond risk transfer of carrying cyber insurance?

Thank you for your interest in this page.

Member-Only Content

For full access, please log in, or explore membership options.
Join NACD

Final Days to Save $1,000 on NACD Directors Summit 2025 Registration 

Register by Wednesday, April 30 to take advantage of this exclusive discounted pricing.

Register Now