Board Reporting for Security Professionals
Save time preparing your board report and tell the board what they want to know.
Here at TrustMAPP, we talk to CISOs daily.
We spoke with over 20 CISOs about what the most important part of their report to the board is…and we got 20 different answers of course.
“Know your board… research other boards they serve on and companies they’ve worked for.” – Jason Lish, CISO at Lumen Technologies
“There is no one ‘The board’. Learn what the board prefers in terms of communications both collectively and individually.” – Allan Alford, CISO at TrustMAPP
“I think numbers are going to be increasingly important with boards. We shouldn’t be asking the board for cash: they have a governance role, not an operational one.” – Rich Mason, Former CSO at Honeywell Global
Download the Toolkit
We understand the importance of reporting to the board and the variations of said reporting. So, we’ve consolidated responses and variations in data representation and created a Board Reporting Best Practices Framework:
Three things to consider in your presentation
What every board report should cover (Slides 4 – 11)
The primary duties of a corporate board you should consider
Five questions your board WILL ask and how to answer them according to Gartner®
* GARTNER® is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner, Five Board Questions That Security and Risk Leaders Must Be Prepared to Answer, Sam Olyaei, Jeffrey Wheatman, 3 December 2020.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from TrustMAPP.*