Percentage of top risks assessed that are other than strategic, operational, financial, compliance, external or macro, reputation, or cyber

This measure calculates the percentage of top risks (e.g., enterprise-level risks) assessed that are other than strategic, operational, financial, compliance, external or macro, reputation, or cyber. Cybersecurity is defined as the ability to protect or defend the use of cyberspace from cyber-attacks. It is the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this, including defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. This Supplemental Information measure is intended to help companies evaluate additional variables related to the process group "Manage enterprise risk".

Benchmark Data

Lock

Sorry! Not all users have access to all of our resources.

Want to unlock access to all of our resources?

Learn about Membership Arrow with stem

Measure Category:
Supplemental Information
Measure ID:
107813
Total Sample Size:
158 All Companies
Performers:
25th Median 75th
- - -
Key Performance Indicator:
No

Sample image showing interactive filters for more detailed measure peer group data and an interactive graph.

Compute this Measure

Units for this measure are percent.

Back to Top

Percentage of top risks (e.g., enterprise-level risks) assessed that are in another category

Key Terms

Back to Top

Cybersecurity is the ability to protect or defend the use of cyberspace from cyber-attacks. It is the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this, including defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.

Measure Scope

Back to Top

Cross Industry (7.4)

  • 11.1.1 - Establish the enterprise risk framework and policies (16439)
    • 11.1.1.1 - Determine risk tolerance for organization (16440)
    • 11.1.1.2 - Develop and maintain enterprise risk policies and procedures (16441)
    • 11.1.1.3 - Identify and implement enterprise risk management tools (16442)
    • 11.1.1.4 - Coordinate the sharing of risk knowledge across the organization (16443)
    • 11.1.1.5 - Prepare and report enterprise risk to executive management and board (16444)
  • 11.1.2 - Oversee and coordinate enterprise risk management activities (16445)
    • 11.1.2.1 - Identify enterprise level risks (16446)
    • 11.1.2.2 - Assess risks to determine which to mitigate (16447)
    • 11.1.2.3 - Develop risk mitigation and management strategy and integrate with existing performance management processes (16448)
    • 11.1.2.4 - Verify business unit and functional risk mitigation plans are implemented (16449)
    • 11.1.2.5 - Ensure risks and risk mitigation actions are monitored (16450)
    • 11.1.2.6 - Report on enterprise risk activities (16451)
    • 11.1.2.7 - Coordinate business unit and functional risk management activities (16452)
    • 11.1.2.8 - Ensure that each business unit/function follows the enterprise risk management process (16453)
    • 11.1.2.9 - Ensure that each business unit/function follows the enterprise risk reporting process (16454)
  • 11.1.3 - Manage business unit and function risk (17462)
    • 11.1.3.1 - Identify risks (16456)
    • 11.1.3.2 - Assess risks using enterprise risk framework policies and procedures (16457)
    • 11.1.3.3 - Develop mitigation plans for risks (16458)
      • 11.1.3.3.1 - Assess adequacy of insurance coverage (18129)
    • 11.1.3.4 - Implement mitigation plans for risks (16459)
    • 11.1.3.5 - Monitor risks (16460)
    • 11.1.3.6 - Analyze risk activities and update plans (16461)
    • 11.1.3.7 - Report on risk activities (16462)