← Insights
Guide · Governance

Questions every board should ask about confidentiality

Most boards assure their finances, their cyber posture and their governance. Few test whether the room where they make their most sensitive decisions is actually private. A handful of direct questions will show whether that assurance exists or only feels like it does.

Who has assured us that our board discussions are private?

A good answer names someone independent who has examined the question, not an assumption that the building or the IT team has it covered. If no one owns confidentiality of the boardroom, that is the gap.

When were our boardroom and executive areas last inspected?

A good answer is a recent date and a clear scope, supported by a report. If the honest answer is never, or no one is sure, the board is relying on hope rather than assurance.

Is our assurance independent of the people who installed our systems?

Independence keeps advice objective. A good answer involves a practitioner who does not sell or install surveillance or monitoring equipment, so there is no commercial interest in what is found or recommended.

What happens to our most sensitive information before and after a meeting?

Confidentiality is not only the hour in the room. A good answer accounts for how papers, devices and conversations are handled in the lead up and the aftermath, where exposure is often greatest.

Do we sweep before major decisions and transactions?

A good answer ties inspection to risk, with event driven checks before significant decisions and deals, not only a calendar entry. Our guide on when to commission a TSCM inspection sets out the common triggers.

If the answers are less certain than you would like, a technical surveillance countermeasures inspection is a sound first step. To talk it through, begin a confidential conversation.