Chief Financial Officer of the Children’s Hospital Foundation, Simon Smith has a longstanding relationship with BDO, working with the Audit and Consulting teams for more than 15 years across a range of businesses in the NFP sector.
“When I need work done, BDO is the answer,” says Mr Smith.
The Children’s Hospital Foundation (CHF) Board showed interest in BDO’s Cyber Security services after receiving the annual BDO and AusCERT Cyber Security Survey as a benchmarking activity. The survey was presented to the Finance, Audit and Risk Committee, who agreed to engage with BDO, as the process of completing the survey highlighted a range of internal questions and enquiries.
“It was timely to conduct an in-depth review of the ICT environment and understand our level of control,” says Mr Smith. “We wanted a report that would highlight our risks and weaknesses and offer direction for mitigation activities that would improve our cyber resilience.”
As part of the engagement, CHF’s Board requested a review of their current cyber insurance program. BDO partnered with Cyber Plus, a company specialising in cyber insurance, to conduct the review. Speaking of Cyber Plus, Mr Smith adds, “We were comfortable dealing with Cyber Plus knowing their expertise. We felt it was a specialist area and their experience shone through.”
The cyber resilience work conducted by BDO explored key technical and governance areas in CHF’s cyber security and helped to identify areas of strength and areas for improvement. As a result of the review, the Foundation undertook work to improve their data environment and governance in the cyber space.
“Based on the insurance review, we were able to form a better view of the definitions and terms within existing programs, and clarify our coverage level and adequacy of cover,” says Mr Smith.
“The Cyber Insurance review helped us with a critical view that we can now discuss with the broker/underwriter when renewing the program.”
The overall engagement helped the Foundation understand their cyber security posture, and guide the Foundation to manage improvement areas. “The high level of assurance from BDO advisers was valuable to both management and board,” says Mr Smith.
The Foundation’s committee and management have now endorsed the cyber resilience review to form part of their risk management framework and their annual ICT review.
Working with BDO
BDO provided a tailored and personalised approach that addressed the Foundation’s requirements.
“We found the team to be very approachable, professional, informative and helpful. Communication was clear and the engagement was collaborative, which is important to us,” says Mr Smith.
Speaking of Cyber Plus, Mr Smith added, “They were accessible and responsive to provide clarity on any question that we had around our insurance.”