Do you currently report metrics on insider risk mitigation to your board or executive team?

KPIs, Metrics & ReportingRisk Management

Yes - board only11%

Yes - executive team only29%

Yes - both board and executive team30%

No20%

Not yet, but we’re considering it11%

Unsure/other

56 PARTICIPANTS
186 viewscircle icon1 Comment
Sort by:
VP IMIT & CIO3 months ago

We report vulnerabilities, unauthorized cloud services, mandatory information security and privacy training completion rates, and other compliance issues, e.g., data security. Given the emerging dynamic threat landscape, we are constantly considering additional metrics and awareness campaigns.

Content you might like

Which cybersecurity metrics do you currently use with your board?

Read More Comments

How are you socializing quantum-safe cryptography with your organization's leadership team? What’s your approach to the messaging around that given the complexity?

Read More Comments

What are your organization’s drivers for implementing RegTech?

Support future growth36%

Automate manual processes59%

Demonstrate compliance49%

Reduce risk exposure43%

Improve customer experience16%

Reduce costs13%

View Results

What sorts of failsafe processes/controls, etc, do you rely on to make sure terminated or suspended employees’ access credentials are revoked immediately? Does your org generally rely on direct communications from HR or do you have an HRM or similar system to automate this?

How do you manage risk with contractors in your supply chain?

Keep hard copies and file paperwork13%

Update spreadsheets to create reports44%

Use a digital supply chain management solution27%

Partner with a third-party vendor11%

Other (comment below)3%

View Results
Do you currently report metrics on insider risk mitigation to your board or executive team? | Gartner Peer Community