Which Board Committee Should Oversee Cyber Risk? (Part 1)

Inside Americas Boardrooms
There is constant debate around who should own the cyber risk oversight responsibility: the audit committee, the full board, or a dedicated risk oversight committee? Host TK Kerstetter poses the question to Cindy Fornelli (Executive Director, Center for Audit Quality) and Jonathan Foster (Audit Chair, Masonite International Corp.) who agree to disagree with some of his foundational beliefs.

This show also looks at the role of strategy with respect to risk management, as well as asks the question, ''What is the outside auditor's role in cyber risk?'' All panelists confirm that, although it is ultimately a full board's responsibility to oversee risk, in most companies it is currently ''owned'' by the audit committee.

As cyber risk continues to escalate -- and with audit committees having little room in their agendas to deal with such growing concerns -- other options for oversight must be considered. �� Don't miss Part 2 of this series. Watch here.
Background image
Turn ESG Promises Into Progress
Lead the way on ESG with streamlined data collection, predictive modeling, specialized dashboards and auditable reports.
Related Insights

The Rising Tide of ESG – Navigating the Road Ahead

video

The Board's Role in Leading and Enabling GRC

Article

Board and Executive Collaboration: Components of a Secure Platform for the Evolving Workplace

White Paper