The National Cyber Security Centre has published its first in a series of guidance for board members which highlights what businesses should be asking security teams
https://www.computerweekly.com/news/252448538/NCSC-issues-core-questions-to-help-boards-assess-cyber-risk