BS 31111:2018 Cyber risk and resilience - Guidance for the governing body and executive management

£176.00

BS 31111:2018 Cyber risk and resilience - Guidance for the governing body and executive management

£176.00

What is this standard about?

Organisations need to protect themselves and their stakeholders from the consequences of cyber-related failures and errors as well as malicious cyberattacks.

At the same time, there’s an increasing need for organisations to demonstrate to stakeholders that their operations and processes are protected, particularly since organisations are now held accountable by regulation and society in general.

This standard therefore exists to improve top management’s strategic understanding of the risks associated with IT activities and support decision making that ensures good cyber resilience.

Who is this standard for?

This standard is written in user-friendly, non-technical language for all types and sizes of organisation. However it’s particularly targeted at:

  • Governing bodies
  • Executive management
  • Risk management professionals
  • Information technology professionals

Why should you use this standard?

It provides good practice for boards, senior executives and risk managers on cyber risk management by describing what cyber risk is and how to identify, assess, and mitigate these risks within the organisation’s overall risk management framework.

It provides strategic insight and guidance on where to focus to ensure that cyber resilience is built in across all levels and functions of the organisation.

It provides management with an improved business understanding of the risks associated with information technology activities and supports effective decision-making.

It also helps the organisation demonstrate to external stakeholders and interested parties that its cyber security provisions are effective, resilient and mature.

A key factor is that cyber risk is not limited to the IT department but impacts the entire organisation. So the standard is applicable to all subject areas, focusing on risk, resilience and information security rather than just on technology aspects.

Sign-up to our weekly bulletin

Twitter feed

Bulletin
Crisis communications, a dark art?

Charlie looks at Timothy Coombs' ‘Situational Crisis Communications Theory’ and how you can develop a crisis response strategy from it.

29 November 2019

“I thought the trainer [James Royds] was excellent and certainly knew his subject. He challenged us to really think about organisational resilience. The breakout sessions were most effective.”

Rebecca Thomson
The Scottish Parliament
View further testimonials