The Center for Audit Quality has just issued Cybersecurity Risk Management Oversight: A Tool for Board Members. The tool offers questions that directors can ask of management and the auditors as part of their oversight of cybersecurity risks and disclosures. The questions are designed to initiate dialogue to clarify the role of the auditor in connection with cybersecurity risk assessment in the context of the audit of the financial statements and internal control over financial reporting (ICFR), and to help the board understand how the company is managing its cybersecurity risks.
PwC’s 2017 Annual Corporate Directors Survey shows directors “clearly out of step” with institutional investors on social issues
In its Annual Corporate Directors Survey for 2017, PwC surveyed 886 directors of public companies and concluded that there is a “real divide” between directors and institutional investors (which own 70% of U.S. public company stocks) on several issues. More recently, PwC observes, public companies have been placed in the unusual position of being called upon to tackle some of society’s ills: in light of the “new administration in Washington and growing social divisiveness, US public company directors are faced with great expectations from investors and the public. Perhaps now more than ever, public companies are being asked to take the lead in addressing some of society’s most difficult problems. From seeking action on climate change to advancing diversity, stakeholder expectations are increasing and many companies are responding.” But apparently, many boards are not taking up that challenge; PwC’s “research shows that directors are clearly out of step with investor priorities in some critical areas,” such as environmental issues, board gender diversity and social issues, such as income inequality and employee retirement security.