According to a new survey conducted by the National Association of Corporate Directors, board members say they are not getting enough information from corporate functions, including internal audit, on such issues as cyber-risk, corporate culture, and strategic risks. According to the survey, it was rare for a director to get a direct take on corporate culture from functions such as internal audit (39 percent), compliance and ethics (30 percent), and enterprise risk management (20 percent), “which possess a much deeper and perhaps more independent perspective on the strength of the corporate culture than the CEO does,” according to the NACD.
