The private sector recently developed voluntary guidelines for ISAOs that could help transform the way industry and government manage cyber-risks. The new guidelines — drafted in collaboration with government, industry, academia and stakeholders, including PwC—provide Boards and executives with tangible recommendations for establishing successful ISAOs . The guidelines appear in four substantial documents: • ISAO 100-1: Introduction to ISAOs • ISAO 100-2: Guidelines for Establishing an ISAO • ISAO 300-1: Introduction to Information Sharing • ISAO 600-2: US Government Relations, Programs and Services 21 Key findings from The Global State of Information Security® Survey 2017 © 2016 PwC