The NACD provides five helpful guiding principles for effective cyber-risk oversight that organizations can adopt and customize to their specific needs (e.g., size, life-cycle stage, strategy, business plans, industry sector, geographic footprint, etc.).
via Cybersecurity: Five Guiding Principles for Boards – Lexology