cyber risk management


The Institute of Risk Management (IRM) has developed a guide to cyber risk management, including resources to support risk practitioners.  The CIPFA Better Governance Forum has endorsed this guide and the IRM has agreed to make the full resource available to our members (below).

The document outlines the different forms of cyber risks, including risks in the supply chain and from social media.  It also outlines a range of approaches to managing the risks: information security, behaviour change and incident management. The document also highlights key questions for boards to consider about the organisation's approach to managing the risks.