The State of Information Security: Educating Your Board? The author of the book, “Risk Management” is concerned about the state of information security at the institution. He explains how to present this information effectively to board members: “Speak their language. Give them the tools to make decisions; don’t make the decisions for them” “All risks are not created equal. The level of risk is crucial to the Risk Management process,” he says. Don’t forget to provide a description of the steps undertaken by the institution to remediate risks identified in previous analysis.”]
Source: https://www.cuinfosecurity.com/blogs/state-information-security-educating-your-board-p-22