The Disclosure of Non-financial Risk. The Emerging of Cyber-Risk

The chapter aims to deepen the emerging issue of cyber-risk that, among non-financial (NF) risks, represents a major threat for organizations due to the growing sophistication and variety of data breaches and cyberattacks. The research provides a general background for NF risks disclosure illustrating the path that led from external voluntary to mandatory frameworks for the disclosure of NF risks following the EU Directive. Then, we move on to describe the role of internal auditors for the management and disclosure of the digital risk. In order to better understand the effectiveness of corporate governance mechanisms for digital risk disclosure, we conduct a review of literature and a visualization to provide the most frequent topics and their chronological evolution. The chapter contributes to the risk disclosure and corporate governance literature, by providing some theoretical and practical implications.