The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has teamed up with Deloitte Risk & Financial Advisory to publish new guidance on managing cyber risks in a digital age.
The guidance, aimed at board directors, particularly audit committee members, as well as executive management and cyber practitioners, discusses how companies can apply COSO’s Enterprise Risk Management–Integrating with Strategy and Performance (ERM Framework), a widely used risk management framework, to protect organizations against cyberattacks. The guidance explains how organizations can leverage the five components and 20 principles of the ERM Framework to manage cyber risks.
COSO’s ERM Framework was updated in 2017 to spotlight the importance of applying ERM throughout an organization, particularly in strategic planning. One of the main drivers behind the 2017 update was the need for organizations to improve their approach to managing cyber risks. The new guidance aims to provide context on the fundamental concepts of cyber risk management to help organizations leverage their existing technical cybersecurity frameworks.
“As cyber threats increase in number,…