Your Business News

Cybersecurity and climate risk: Does your board need an expert?

August 5, 2022

Authored by RSM Canada LLP

Select a Team Member shared this article

ARTICLE | August 05, 2022


As they have been for decades, corporate directors are expected to play a key role in a company’s oversight and governance. However, as these board members know all too well, their critical function encompasses additional issues each year. This is a challenging time for corporate directors as they seek strategic understanding of all the various matters for which they are responsible.

This spring, the US Securities and Exchange Commission (SEC) released proposed rules regarding cybersecurity and climate-re­lated disclosures. Both proposals would require disclosures about the registrant’s governance, including the board’s oversight of these issues. If finalized as proposed, such disclosures would be required to address, among other matters, whether any board members or committees are responsible for such oversight and whether any board member has expertise in climate-related risks.

One reaction could be to concentrate on what the board needs to properly address these disclosures. But although such disclosures are important, they should not drive the board dynamics that are best for the long-term interests of the corporation.

When thinking about new and existing board responsibilities, consider stepping back and looking at the big picture. It may be best to “divide and conquer” the widening areas of responsibility by regrouping, potentially by forming separate board committees or subcommittees to oversee climate and other environmental, social, and governance (ESG) matters, cybersecurity, and even risk management generally. Each committee can stay up-to-date and be well informed regarding developments and risks within its area of focus, and can decide what type and level of expertise they need.

Given how investors across the spectrum have developed a keen interest in board composition and director skill sets, the focus on board expertise is real. And the need for the appropriate expertise in areas of high risk, such as cybersecurity, is top of mind for all boards. There are two paths a board may take to address the need for expertise related to new issues that come under its purview.

The first, obviously, is to look for a board member who embod­ies the expertise needed for oversight of a particular matter. This approach may seem appropriate in theory, but it can be more diffi­cult than it sounds to attract an individual who is an expert in a particular field and not too narrowly focused on just that. Directors are responsible for a wide range of complex matters, so if a new board candidate has cyber-risk expertise and is well-rounded and otherwise qualified, that’s great. But if that candidate is one-dimen­sional, that could result in fewer insights around the board table on myriad other matters.

Proactive, thoughtful, and informed board oversight does not necessarily mean the boardroom has to be filled with experts. Because directors need to understand what they are overseeing and think outside the box, an effective board takes a thoughtful approach to director selection, considering core requirements, the attributes of existing members, and the diversity sought in new members, among other factors.

Therefore, a second, sometimes more practical path to resolv­ing the ever-widening need for board expertise is to use qualified outside advisors. Doing so allows the board to focus on what candi­dates can contribute to board discussions holistically through their various strengths, industry and educational experiences, and risk appetites. It also allows the board to find the “best of the best” advisors on narrow topics.

An effective approach to the ever-expanding board agenda is to think broadly about members’ diverse competencies for fulfilling their legal, ethical, fiduciary, and financial responsibilities—and then to think very narrowly about experts that are integral to the process, but that can come from within or outside of the board­room, as appropriate.

Republished with permission from NACD Directorship summer edition.

Let's Talk!

Call us at 1 855 363 3526 or fill out the form below and we'll contact you to discuss your specific situation.

  • Topic Name:
  • Should be Empty:

This article was written by Phyllis Deiso and originally appeared on 2022-08-05 RSM Canada, and is available online at https://rsmcanada.com/insights/services/audit/cybersecurity-and-climate-risk-does-your-board-need-an-expert.html.

RSM Canada Alliance provides its members with access to resources of RSM Canada Operations ULC, RSM Canada LLP and certain of their affiliates (“RSM Canada”). RSM Canada Alliance member firms are separate and independent businesses and legal entities that are responsible for their own acts and omissions, and each are separate and independent from RSM Canada. RSM Canada LLP is the Canadian member firm of RSM International, a global network of independent audit, tax and consulting firms. Members of RSM Canada Alliance have access to RSM International resources through RSM Canada but are not member firms of RSM International. Visit rsmcanada.com/aboutus for more information regarding RSM Canada and RSM International. The RSM trademark is used under license by RSM Canada. RSM Canada Alliance products and services are proprietary to RSM Canada.

FCR a proud member of RSM Canada Alliance, a premier affiliation of independent accounting and consulting firms across North America. RSM Canada Alliance provides our firm with access to resources of RSM, the leading provider of audit, tax and consulting services focused on the middle market. RSM Canada LLP is a licensed CPA firm and the Canadian member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.

Our membership in RSM Canada Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise, and technical resources.

For more information on how FCR can assist you, please call us at 1 855 363 3526

Important Notice:

FCR will now redirect you to CCH Portal where your FCR Client Portal login is located.

Share This