All Engagement guide articles – Page 2
View all stories of the same content type.
-
Engagement guideEngaging on cyber security: results of the PRI collaborative engagement 2017-2019
Menu styles Menu Executive summary Cyber security has been recognised as a risk in the World Economic Forum Global Risks Report for several years, with the latest version ranking cyber security as one of the top 10 risks that the world will face ...
-
Engagement guide
Advancing tax transparency: outcomes from the PRI collaborative engagement
This report summarises the outcomes of the PRI collaborative engagement on corporate tax transparency, which ran from 2017 to 2019.
-
Engagement guide
The plastics landscape: regulations, policies and influencers
Rounding off a three-part series titled The plastics landscape , this report explores the various plastic-related regulations and policies at different stages of the value chain. It also looks at the types of movements that are influencing how plastic is regulated, managed and used.
-
Engagement guide
Plastics: The challenges and possible solutions
With an increase in global production and consumption of plastics, and less than 20 percent of plastics recycled globally, plastic waste is increasing – and mismanaged.
-
Engagement guide
Risks and opportunities along the plastics value chain
The level of global interest in plastic production, consumption and waste has soared in recent years. While much of this focus has been on the risks and impacts, it is important to recognise that the flexibility and resilience of plastic mean that products made from the material perform many crucial ...
-
Engagement guide
Investor-company dialogue on cyber security: five emerging findings
A recent study by Accenture found that the global average cost of cyber crime has risen from $7.2 million in 2013 to $11.7 million in 2017. Businesses are under pressure to strengthen their cyber security capabilities and be more effective in managing cyber incidents.
-
Engagement guide
Stepping up governance on cyber security
Cyber security risk is real and pervasive, as demonstrated by recent attacks that have put the frighteners on big banks, web service providers, the UK’s National Health Service and even the US intelligence community.
-
Engagement guide
Corporate disclosure on cyber security governance: key takeaways
While companies generally perceived cyber security as a key organisational risk, very few communicated that they have policies, governance structures and processes that were effective at tackling cyber threats.
-
Engagement guide
Corporate disclosure on cyber security governance: policy
2. Does the company publicly disclose a privacy and/or data protection policy? 3. Does the policy explicitly cover its entire operations, including third parties?
-
Engagement guide
Corporate disclosure on cyber security governance: skills and resources
8. Does the company disclose that it has a cyber or information security team and/or dedicated budget? 9. Does the company state that it works with relevant industry initiatives on cyber security and/or has access to internal or external expertise on cyber security? 10. Does the company actively ...
-
Engagement guide
Corporate disclosure on cyber security governance: training
11. Does the company provide training on information/cyber security requirements to all employees?
-
Engagement guide
Corporate disclosure on cyber security governance: processes and procedures
13. Has the company established an incident management plan (including disaster recovery and business continuity)? 14. Has the company disclosed information or cyber security as a key part of its risk assessment/business continuity plan?
-
Engagement guide
Corporate disclosure on cyber security governance: overview of regulatory landscape
Standards of legislation relating to data protection and cyber security that companies are expected to adhere to vary widely by region. This section provides an overview of key legislation in force across the regions from which the company sample was drawn.
-
Engagement guide
Corporate disclosure on cyber security governance: conclusion and next steps
This report analysed data from 100 companies for observations on standards of corporate disclosure relating to cyber security practices. It presented overall findings across the data; results by each specific indicator; and different regional legislative and regulatory standards.
-
Engagement guide
Corporate disclosure on cyber security governance: legal compliance
1. Does the company publicly commit to complying with relevant laws, including those related to cyber and data protection?
-
Engagement guide
Corporate disclosure on cyber security governance: board communication
6. Does the company communicate cyber risks to the board (and how, by whom and how often?) 7. Does the board receive detailed information about the company’s cyber/information security strategy (including what information it receives and how it assesses this information)?
-
Engagement guide
Corporate disclosure on cyber security governance: assessment
12. Does the company conduct audits of information/cyber security policies and systems?
-
Engagement guide
Analysis of corporate disclosure on cyber security governance: research analysis
This report presents a snapshot and analysis of what 100 companies are currently disclosing about their cyber governance and risk management. It also enables comparisons across regions and sectors to facilitate engagement dialogue.
-
Engagement guide
Corporate disclosure on cyber security governance: regional analysis
On average, US and Australian companies performed the strongest on disclosure across all indicators. US companies scored better than those from other regions in terms of disclosing cyber security and/or information security as a key risk in company assessment plans (indicator 14). US companies also scored better on board responsibility ...
-
Engagement guide
Corporate disclosure on cyber security governance: senior management and board accountability
4. Does the company identify a named person at senior management or executive committee level with overall responsibility for information management and cyber security? 5. Is the board or board committee responsible for cyber security issues?
