Do you think protection-level agreements (PLAs) are more effective than service-level agreements (SLAs) when it comes to updating the board?

Security & GRC Security Strategy & Roadmap

Much more effective12%

Somewhat more effective50%

Neither21%

Somewhat less effective12%

Much less effective5%

Unsure for now1%

78 PARTICIPANTS

495 views2 Comments

Sort by:

CISO in Insurance (except health)a year ago

I plan to use PLA next year. I will share the results with my board and executive committee.

Fractional CIO in Services (non-Government)a year ago

It depends on what you are updating the board on. It isn't necessarily a one size fits all solution, each quarter may have a different focus which will change how you present to the board.

I'd also question whether this is a level of detail the board needs to see. If the update is "here's all the PLAs we have in place, and here are the gaps" then that's risk based, but if it's "here's how we're performing to PLA" then it is starting to get more operational. Granted, I am looking at this from an NZ perspective, so other jurisidictions may be different, but the focus of a board should be on oversight and governance, not management.

Content you might like

Seeking advice on integrating embedded AI agents into Workday/SAP/etc. How do you handle integration across HRIS, ATS, and LMS? Do you rely on vendor-native tools or build your own in-house registries?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Is your business worried about friendly fraud?

Yes80%

No19%

When considering AI's benefits vs vulnerabilities, what is more important?

AI's benefit to the customer will outweigh the vulnerabilities from AI81%

The vulnerabilities from AI outweigh the benefits to the customer18%

What advanced identity analytics or continuous access controls is your organization using (or planning to implement)? Any lessons learned you can share regarding vendor selection or implementation?

Do you think protection-level agreements (PLAs) are more effective than service-level agreements (SLAs) when it comes to updating the board?

Sort by:

Content you might like

Seeking advice on integrating embedded AI agents into Workday/SAP/etc. How do you handle integration across HRIS, ATS, and LMS? Do you rely on vendor-native tools or build your own in-house registries?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Is your business worried about friendly fraud?

When considering AI's benefits vs vulnerabilities, what is more important?

What advanced identity analytics or continuous access controls is your organization using (or planning to implement)? Any lessons learned you can share regarding vendor selection or implementation?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go