Original Press Release
ANSI and ISA Conclude Meetings for Phase II of the Financial Impact of Cyber Risk
Press release date: December 29, 2009
Phase II document slated for publication in February 2010
Representatives from twenty-two organizations gathered earlier this month for the fourth and final meeting of Phase II of The Financial Impact of Cyber Risk. The initiative, led by the American National Standards Institute (ANSI) and the Internet Security Alliance (ISA), seeks to develop a methodology for executive decision-making in cyber-risk mitigation.
The Financial Impact of Cyber Risk: 50 Questions Every CFO Should Ask is a joint initiative to identify and respond to the current needs of the C-suite community regarding cyber risk. Phase I provided questions that organizations and CFOs should explore to identify and quantify the financial risk associated with cybersecurity. The final workshop framework document from Phase I is available for review at webstore.ansi.org/cybersecurity.
Phase II is focused on developing an implementation strategy that addresses the questions provided in Phase I. Additionally, this initiative will expand that framework to include guidance on making more informed decisions related to cyber risk from an economic standpoint. The Phase II document is currently slated for publication in February 2010.
"In today's competitive global marketplace, companies and service providers place a high value on their reputation. A cybersecurity-related breach significantly reduces that value and has a negative effect on consumer perception," explained Larry Clinton, ISA president and CEO. "Our Phase II document gives executives the tools they need to analyze their risk and make mitigation decisions based upon the unique needs of their business."
At the December 10 meeting, attendees reviewed and refined the contributions of task groups that have been established to develop chapters for the Phase II publication. These include:
Chief Legal Council and Compliance Officer Business Operations and Technology Team Risk Manager for Corporate Insurance External Communications and Crisis Management Teams Human Resources Appendices
"Given the widespread distribution of and interest in The Financial Impact of Cyber Risk: 50 Questions Every CFO Should Ask, it is critical that we continue our work on this initiative to answer the questions posed in the Phase I document," said Fran Schrotter, ANSI senior vice president and COO. "I'd like to thank all of the organizations that have participated in the Phase II workshops and who are helping us to develop this much-needed framework for organizations and businesses whose success may be compromised by cyber risk."