Executives concerned by quality of cyber risk info

Audit committee members are concerned about the quality of information that they receive on cyber security, according to a new survey of some 1,800 audit committee members in 21 countries undertaken by KPMG’s Audit Committee Institute.

When asked whether they were satisfied with the quality of information they receive from their company on a range of issues, cyber security came out bottom of the pile. Only a fifth of UK respondents said they were fully satisfied with information on cyber security (globally, 26% were satisfied) – compared to satisfaction levels of over 70% on legal and regulatory compliance issues.

Additionally, only just over a third of UK audit committee members are fully satisfied that their company’s risk management process is dynamic enough to cope with a rapidly changing environment including new technology and social media risks.
Nearly half (45%) of survey respondents globally said their company’s risk management programme requires “substantial work” (UK respondents: 39%).

Meanwhile, anti-bribery laws have become a significant area of attention with over three quarters of UK audit committee members saying that they have increased their focus on the issue.

Commenting on the findings, Malcolm Marshall, partner in KPMG’s Risk Consulting practice, said: “The findings confirm our experience that the level of information that Boards receive on cyber security is patchy – there are many examples of complacency. Defending businesses against the threat can’t be left to the IT function alone – it needs leadership from the top and audit committees play a key role in this. The results show that they have an appetite to get more actively involved. They need to get involved and they need to do that now.”

KPMG’s survey also found that there is an acknowledgement that greater IT expertise on audit committees would be helpful. When asked what would most improve audit committee effectiveness further, additional expertise on the committee in terms of knowledge and background, including IT, was the top item, as well as greater diversity of thinking and background.
