3 Strategic Oversight Responsibilities
Board members should assure:
1. Cybersecurity risks have been incorporated into strategic business decisions, including mergers and acquisitions
2. A systematic risk framework and operational controls are in place, aligned with high priority risks and legal/ regulatory/compliance requirements
3. Through continuous assessment and performance metrics, those programs are producing more security
Comments