cybersecurity assurance

Hello all,

I am the newly appointed lead cyber authority for a large energy company.  I am interested in your thoughts on what an assurance framework or assurance model  might look like in providing an independent view on cyber risk. 


Thanks,


Mike Ramesar