Board-Level Cybersecurity Metrics
In brief: Produced in the NACD Director’s Handbook on Cyber-Risk Oversight, this tool provides guiding principles for board-level metrics and recommendations for the types of cybersecurity metrics the board should request from management.
This resource can help your board
- Define for management which cybersecurity information is most relevant to the board.
- Obtain from management concise, reader-friendly board-level cybersecurity metrics that promote dialogue.
- Gain strategic insight into the company’s cybersecurity program.
Most relevant audiences: the full board, risk committee members, audit committee members, and the chief information security officer