I am getting my annual Board report ready to include the ID Theft report. I know that the report should include the effectiveness of the policies & procedures addressing the risk of ID theft. A report about service provider arrangements. Report about significant incidents involving ID theft and management's response and any recommendations for material changes to the program.
Has anyone reported to the Board yet on ID theft? If so, would anyone be willing to share the layout of the report with me?
I would greatly appreciate anything you can help with.