Protect Against Unmitigated Liabilities- Risk 4: Data Protection Failings and Cybersecurity


Campaign Overview

Earlier this year, we conducted a survey to assess how confident trustees and corporate sponsors felt about 10 fundamental areas of pensions risk. We focussed on areas not directly covered by the Integrated Risk Management Framework, and asked respondents to rank the risks in order of their “stay awake” factor. We have now produced a series of 10 factsheets, each one commenting on one of the survey risks. Our red risk flags highlight some key warning signs, and our mitigation tips are designed to supplement existing areas of risk mitigation. Each factsheet assumes there is an established risk management system on which additional measures can be built.

Risk 4: Data Protection Failings and Cybersecurity

Survey Result

This risk ranked fourth in our survey and it is included on 92% of risk registers. When we asked our survey respondents to provide examples of key mitigating actions undertaken by their scheme, the most common example given was the review of processes and contracts for General Data Protection Regulation (GDPR) compliance.


Pension schemes are particularly exposed to risks stemming from inadequate data protection and cybersecurity…

Read More…