REGISTER

email 14 48

November 6, 2013 - Thomson Reuters annual Board Governance survey reveals organizations lack understanding of security risks surrounding board materials.

Thomson Reuters annual Board Governance survey shows that Board communications is becoming increasingly complex yet outdated board procedures, unsecure distribution channels and costly board materials are all contributing to increased security gaps.

The Thomson Reuters survey covered more than 125 general counsel and company secretaries across a wide-ranging cross-section of industries and geographies globally. It builds on a survey of similar respondents conducted in September 2012 so presents year-on-year trends and developments. Key findings from the latest report include:

  • Over 67% of respondents admit they do not know if their board members destroy all print copies of board materials.
  • 62% of respondents had heard of situations where board members have left sensitive information in public places, representing a 12 percent increase compared to last year.
  • Over three-quarters of organizations utilize unsecure, personal email accounts to distribute board documents; almost half do not ensure board communications are encrypted.
  • Board books and volume of information continue to grow. On average board books are 179 pages in length according to respondents compared to only 116 pages in 2012. This amounts to 16,010 pages of board material each year representing a 67% uplift from the average of 10,000 pages reported the prior year.
  • Board members per organization is increasing with 43% now having more than 11 board members, rising from 29% in 2012.
  • Almost half of boards still rely on paper-based board books. There was a slight decrease in the number of respondents who distributed their board books electronically, despite an increase of members being located across borders.
  • There has been increased focus on risk oversight with 84% of respondents saying their board actively set a risk culture and cascaded its risk policy to management. This is a significant increase from 2012 where only 57% of respondents said the same.

“Corporate governance is becoming increasingly complex due to demanding regulatory requirements and scrutiny on organizations’ compliance,” said Chris Perry, managing director, Risk, Thomson Reuters. “In this time of heightened risk, it to extremely important for companies to protect their organization from reputational damage. This survey provides insight and transparency into board governance processes to help provide the information needed to have better risk oversight and to tighten security gaps across an organization.”

Increasing Volume of Board materials

A large challenge lays in the amount of confidential information that board members are expected to retain. One quarter of respondents produce in excess of 100 board books per year with the average board book at 179 pages in length. This means that board members are sifting through 16,010 pages of board materials a year representing a staggering 67% increase from 2012. In addition, most organizations have many board members serving on multiple boards across the world and with the majority of boards meeting monthly or quarterly, this creates a huge volume of required supporting board materials.

Exposure to Security Risks

The survey results indicate organization’s lack of understanding of the security risks surrounding board communications. Both print based and electronic board communications contain huge security risks and gaps. Almost half of boards still rely on paper-based board books contributing to greater risk of sensitive information being lost, stolen or misplaced by printing and carrying board documents. Additionally, the majority of respondents admitted to having heard of instances where board members have left sensitive documents behind in public places.

Furthermore, there are still issues around electronic communications due to insufficient security processes. Over three quarters of organizations utilize non-commercial, unsecure personal email accounts to distribute board materials and almost half of the organizations do not encrypt board communications.

While the survey points out many risks in the distribution channels being used to disseminate board materials, another issue is in retention of information. Over 67% of respondents are not confident or do not know if their board members destroy all print copies of board materials in line with policies. With similar results in 2011 and 2012, this continues to be a concern and presents risks to organizations.

Board Security

The survey results indicate a lot of security gaps and risk oversight by organizations, but the results also note that there has been improvement from boards putting increasing importance on security measures. Over three quarters of respondents said that their board actively set a risk culture and cascaded its risk policy to management which is a significant increase from only 57% in the comparable 2012 survey.

Additionally, 52% of organizations now use a board portal to share their sensitive board information.

Private mobile computing devices remain the most likely place to store board documents and communications and in line with the increasing popularity, the results show a steady increase in organizations providing board members with secure devices for this purpose.

The board has become increasingly involved in understanding regulatory change and overseeing implementation according to respondents. Involvement has increased from 2012 substantially with 49% actively setting culture and policy and pushing for “gold plated” policies. With 12% not discussing these issues at board level and some respondents not knowing, there could be organizations at risk of penalties by not being prepared to manage the incoming changes to regulatory requirements.

CyberBanner

MetricStream TPRM

CyberBanner

CyberBanner

CyberBanner

Log in Register

Please Login to download this file

Username *
Password *
Remember Me

CyberBanner

CyberBanner

Banner

CyberBanner

CyberBanner

CyberBanner

CyberBanner

CyberBanner

Go to top