{"id":17228,"date":"2021-10-29T14:16:32","date_gmt":"2021-10-29T13:16:32","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=17228"},"modified":"2021-10-29T14:20:05","modified_gmt":"2021-10-29T13:20:05","slug":"creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/","title":{"rendered":"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality!"},"content":{"rendered":"\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\">After having successfully <a href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/creating-a-relationship-of-trust-with-the-excom-first-step-raising-awareness\/\">mobilized its executive committee on cybersecurity<\/a>, having <a href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/05\/episode-2-create-a-relationship-of-trust-with-the-executive-committee\/\">made a realistic and concrete assessment of the situation<\/a>, you had an agreement in principle to start a remediation program!<\/p>\n<p style=\"text-align: justify;\">A great victory, and the beginning of a multi-year adventure!<\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h2 style=\"text-align: justify;\"><strong>Defining ambitions and framing governance <\/strong><\/h2>\n<p style=\"text-align: justify;\">The cybersecurity assessment and its benchmark have enabled us to position the organization&#8217;s current level of security. What remains now is to define the target to be reached and the means necessary to achieve it. This involves working with the cybersecurity teams, the IT department and of course the executive committee sponsor! The target can take many forms, but it must in any case respond to clear and concrete business challenges:<\/p>\n<p style=\"text-align: justify;\">\u201cTo have an above-average level of security overall to avoid the most frequent attacks&#8221;, &#8220;To protect the data of large public customers&#8221;, &#8220;To ensure the resumption of factory production in less than 4 days in the event of a cyber attack&#8221;, or for more mature structures &#8220;To rationalize cyber investments by saving 20% for the same level of risk&#8221;, these are just a few examples of ambitions encountered in the field.<\/p>\n<p style=\"text-align: justify;\">It is at the time of this target definition that we can adopt a risk-based approach, for example with different targets between businesses or entities; a regulatory approach with different levels depending on business constraints or a global approach.<\/p>\n<p style=\"text-align: justify;\">Each target will be the subject of performance or risk indicators (KPI\/KRI) to specify how progress will be measured. These ambitions are then translated into a concrete positioning on a cybersecurity benchmark, by theme and by scope. The easiest way to do this is to use the <a href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/05\/episode-2-create-a-relationship-of-trust-with-the-executive-committee\/\">results of the previous benchmark<\/a>, but it is possible to use another benchmark. Be careful, however, it will be used throughout the program to monitor progress and guide the various teams and entities, so plan on a lifespan of at least 2 years! The definition of the repository and the indicators is a key step in the success of the program, so plan to devote time to it. It is best not to immediately launch a whole series of technical projects without the necessary consistency.<\/p>\n<p style=\"text-align: justify;\">To manage this program, the CISO must know how to surround themselves with people. The IS (Information Security) departments rarely have the experience to carry out such a transformation and budgetary requirements at this level. A good practice is to identify an experienced program director within the organization, who is used to the workings of the organization, and who can work closely with the CISO. The skills of the two profiles will naturally complement each other, on the one hand with security expertise, and on the other with large-scale management expertise. The choice of the binomial is also an important key factor of success, do not hesitate to spend time on it!<\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h2 style=\"text-align: justify;\"><strong>Build budgets on clear axes and know how to commit expenses<\/strong><\/h2>\n<p style=\"text-align: justify;\">Once the agreement in principle has been received, the next step is to clearly structure the budgetary commitment. Once again, the major challenge in the relationship with the executive committee will be to make a clear and precise proposal: Acronyms, project codes and other abstruse terms should be avoided. The structure of a simple strategy; &#8220;Protecting the digital work environment&#8221;, &#8220;Encrypting and avoiding critical data leaks&#8221;, &#8220;Detecting attacks on our key assets&#8221; are some examples of terms used successfully.<\/p>\n<p style=\"text-align: justify;\">The structuring of a program should be kept to around 4 or 5 axes and to group about 30 projects\u00a0 maximum is something to keep in mind. Beyond that, reporting and monitoring will become too complex.<\/p>\n<p style=\"text-align: justify;\">It should be noted that it will be necessary to break with the budgetary exercise obviously on the construction actions (&#8220;build&#8221;) but also on the additional operating costs (&#8220;run&#8221;) without that, the beautiful remediation will not last long&#8230; The identification also of the HR elements (number of recruitments\/mobilities, trainings to be envisaged, salary evolution, evolution of the hierarchical relations in the entities or the subsidiaries&#8230;) are key elements to be created in the program to ensure its durability in time. This is clearly the right time to create a real cyber department within the organization and have it managed by a &#8220;Chief Operating Officer&#8221; like any other major department.<\/p>\n<p style=\"text-align: justify;\">The preparation of these different budgetary elements will also have to consider the difficulty observed for several years now to commit the budgets obtained. The market is in dire need of cyber expertise and many projects have to be postponed. It is a good idea to take some leeway in the planning process to consider this situation, which will continue. The classic program timeline of, year 1 scoping, year 2 implementation, year 3 control, should be reviewed and instead be based on waves of smaller projects that are initiated as they come along. In short, it is better to have 5 waves of 5 projects that come to fruition than to launch 25 scopes simultaneously!<\/p>\n<p style=\"text-align: justify;\">It should also be noted that these budgets and priorities will have to be reviewed annually, as the cyber threat is very dynamic, it is important to keep flexible budget lines to adapt to an unprecedented evolution of threats &#8211; as we have experienced in recent years.<\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h2 style=\"text-align: justify;\"><strong>Show progress to the executive committee!<\/strong><\/h2>\n<p style=\"text-align: justify;\">Once the program has been launched, the challenge will be to show the executive committee the progress and the effects on risk levels. On a quarterly or even a semi-annual basis there are key points that need to be established: clear reporting, using simple terms that are linked to the reference system used, adding a vision on the progress of the projects and the progression of the risk level.To directly demonstrate the transition to regular reporting mode, it may be useful to add operational indicators linked to the level of security. In the long term, the challenge is to maintain an exchange with the executive committee at least every six months in order to maintain the level of attention on the cyber subject. These long-term exchanges can be structured around two annual meetings, one on risks (evolution of the threat and risks weighing on the organization), the other on investments (effects of projects, budgetary and HR issues for the following year).<\/p>\n<p style=\"text-align: justify;\">Finally, the most advanced structures and those whose core business is based on digital technology can consider using their cybersecurity investments as business differentiators! Today, the cybersecurity requirements of customers, both large public and professional, are increasing rapidly. It is possible, and even desirable, to enhance the value of investments made to show that the subject of cybersecurity is a priority for the organization! For some organizations, cybersecurity may even become a profit centre, which will clearly change the discussions with the executive committee.<\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u00a0 After having successfully mobilized its executive committee on cybersecurity, having made a realistic and concrete assessment of the situation, you had an agreement in principle to start a remediation program! A great victory, and the beginning of a multi-year&#8230;<\/p>\n","protected":false},"author":15,"featured_media":17229,"comment_status":"open","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3270,3977],"tags":[3530,4016,3560,3370],"coauthors":[837],"class_list":["post-17228","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyberrisk-management-strategy-en","category-focus","tag-cyber-en-2","tag-executive-committee","tag-management-en","tag-transformation-en"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Creating a relationship of trust with your executive committee: step 3, make the transformation a reality! - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality! - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"\u00a0 After having successfully mobilized its executive committee on cybersecurity, having made a realistic and concrete assessment of the situation, you had an agreement in principle to start a remediation program! A great victory, and the beginning of a multi-year...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-29T13:16:32+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-29T13:20:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"850\" \/>\n\t<meta property=\"og:image:height\" content=\"414\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"G\u00e9r\u00f4me Billois\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"G\u00e9r\u00f4me Billois\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/\"},\"author\":{\"name\":\"G\u00e9r\u00f4me Billois\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\"},\"headline\":\"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality!\",\"datePublished\":\"2021-10-29T13:16:32+00:00\",\"dateModified\":\"2021-10-29T13:20:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/\"},\"wordCount\":1125,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg\",\"keywords\":[\"cyber\",\"Executive Committee\",\"management\",\"Transformation\"],\"articleSection\":[\"Cyberrisk Management &amp; Strategy\",\"Focus\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/\",\"name\":\"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality! - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg\",\"datePublished\":\"2021-10-29T13:16:32+00:00\",\"dateModified\":\"2021-10-29T13:20:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg\",\"width\":850,\"height\":414},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\",\"name\":\"G\u00e9r\u00f4me Billois\",\"description\":\"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley &amp; Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality! - RiskInsight","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/","og_locale":"en_US","og_type":"article","og_title":"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality! - RiskInsight","og_description":"\u00a0 After having successfully mobilized its executive committee on cybersecurity, having made a realistic and concrete assessment of the situation, you had an agreement in principle to start a remediation program! A great victory, and the beginning of a multi-year...","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/","og_site_name":"RiskInsight","article_published_time":"2021-10-29T13:16:32+00:00","article_modified_time":"2021-10-29T13:20:05+00:00","og_image":[{"width":850,"height":414,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg","type":"image\/jpeg"}],"author":"G\u00e9r\u00f4me Billois","twitter_misc":{"Written by":"G\u00e9r\u00f4me Billois","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/"},"author":{"name":"G\u00e9r\u00f4me Billois","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17"},"headline":"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality!","datePublished":"2021-10-29T13:16:32+00:00","dateModified":"2021-10-29T13:20:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/"},"wordCount":1125,"commentCount":0,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg","keywords":["cyber","Executive Committee","management","Transformation"],"articleSection":["Cyberrisk Management &amp; Strategy","Focus"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/","name":"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality! - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg","datePublished":"2021-10-29T13:16:32+00:00","dateModified":"2021-10-29T13:20:05+00:00","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/10\/Picture8-1.jpg","width":850,"height":414},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/creating-a-relationship-of-trust-with-your-executive-committee-step-3-make-the-transformation-a-reality\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Creating a relationship of trust with your executive committee: step 3, make the transformation a reality!"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17","name":"G\u00e9r\u00f4me Billois","description":"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley &amp; Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/17228","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=17228"}],"version-history":[{"count":5,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/17228\/revisions"}],"predecessor-version":[{"id":17235,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/17228\/revisions\/17235"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/17229"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=17228"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=17228"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=17228"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=17228"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}