FCPA Blog sponsor Kroll released a survey showing that 75% of compliance officers aren’t involved in managing cyber security risk.
And nearly 44% of senior-level compliance professionals who responded said the chief compliance officer is only responsible for privacy compliance and breach disclosure after an incident but has no role in addressing cyber security risks before one.
“These statistics draw attention to a gap in responsibilities as cyber security lapses can often involve hefty penalties or sanctions, civil litigation and compliance issues,” Kroll said.
Alan Brill, senior managing director for Kroll, said compliance officers should have a strong enough grasp of cyber security to know when they should be involved in a problem.
“Every compliance officer needs to decide whether it’s time for them to be Captain Kirk and boldly go into cyber,” Brill said.
They should forge a partnership with the IT director, with the general counsel, and with the internal auditor — “so that the cyber elements of compliance are just the everyday part of your work,” he said.
The 2014 Anti-Bribery and Corruption Benchmarking Report from Kroll and Compliance Week also covers other compliance topics, including third-party training and due diligence.
To request a copy of the benchmarking report, contact Cathy Johnson of Kroll by telephone (+1 347.963.7509) or by email here.
Richard L. Cassin is the Publisher and Editor of the FCPA Blog. He can be contacted here.