The American Institute of CPAs has introduced a market-driven, flexible and voluntary cybersecurity risk management reporting framework.

Customers, business partners and other interested parties may want to know that organizations are exhibiting good governance, which includes good supply chain risk management.

Unfortunately, managing systemic risks ranked last on a list of 22 metrics in a new survey of where companies concentrate efforts to report their compliance with ESG.