Boards of directors, audit committee members, and executive management teams interested in learning how to apply COSO’s Enterprise Risk Management (ERM) Framework to protect against cyber-attacks now have new guidance available.
On Dec. 17, the Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with Deloitte Risk & Financial Advisory, announced the release of “Managing Cyber Risk in a Digital Age.”
The guidance provides insight into how organizations can leverage the five components and 20 principles of the ERM Framework to identify and manage cyber-risks. The framework was updated in 2017 to highlight the importance of applying ERM throughout an organization, particularly in strategic planning.
The latest guidance is designed to provide context related to the fundamental concepts of cyber-risk management, making it easier for organizations to leverage existing technical cyber-security frameworks.
“As cyber threats increase in number, complexity, and destructiveness, organizations face a greater risk in achieving their strategic objectives,” said COSO Chair Paul Sobel in a news release. “COSO’s ERM Framework provides a foundation upon which a cyber-security program can be built, integrating cyber-risk management concepts with elements of strategy, business objectives, and performance, which can result in increased business value.”