Pre-reading Material and The Certification Course Content
Board of Directors Implementation, Execution and Monitoring Certification Program
The Board of Directors understand the company’s total risk exposure of a cyber attack, including financial, legal and reputational impacts
The Board has the competence, has practised a cyber breach simulation with management and understands the procedure
The Board has evaluated the company’s Data and IT culture concerning cybersecurity with Senior Management. All stakeholders and employees are routinely trained. The Privacy, Data Protection IT and Cybersecurity awareness message from the Board and Senior Magamnet is regularly conveyed to employees?
Performance bonuses for non-compliance of Privacy, Data Protection IT and Cybersecurity issues are at stake
The Board has leveraged third-party expertise, or independent assessment (as described in the corporate Cyber-Risk Oversight Handbook), to validate that the Privacy, Data Protection IT and Cybersecurity risk management program is meeting its objectives
There are a benchmark and threshold on the information, senior management provides to help the Board to assess which critical business assets and analytical partners, including third parties and suppliers, are most vulnerable to cyber-attacks?
Is the Board comfortable with the process used to assess the company’s cyber risk management program by a third party, and do the results offer a comprehensive view?
The Board monitors how senior management is handling and monitoring critical Privacy, Data Protection IT and Cybersecurity vulnerabilities
The Board has developed an investment plan based on the managements indication where the next cybersecurity dollars should be invested and why?
There is an approved plan on how is the company handling privileged access to Privacy, Data Protection IT and Cybersecurity, and how do they oversee employees with privileged access?
The Board has approved the company’s policies on external and other publicly- disclosed Privacy, Data Protection IT and Cybersecurity breaches
The Board has a complete overview of Internationa Best Practices and Glæobal Compliance procedures related to Privacy, Data Protection IT and Cybersecurity
Does the Board have complete knowledge of lessons learned from those IT and cyber incidents being incorporated into the company’s Privacy, Data Protection IT and Cybersecurity response plan?
The Board has identified appropriate and meaningful cyber metrics and the Board is provided on a regular basis the dollar value of Privacy, Data Protection IT and Cybersecurity compliance
There is a total plan on how senior management evaluates and categorizes identified Privacy, Data Protection IT and Cybersecurity incidents and determine which to escalate to the Board?
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.