In addition, GFIA is particularly concerned that ISO is developing guidelines about cyber insurance without sufficient and adequate involvement of the insurance industry. While GFIA understands that there are different models for consultation with stakeholders due to the unique structure of ISO as a membership organisation, in this situation, GFIA is of the view that direct outreach and interaction with insurers is warranted regardless of process. Involving the insurance sector directly would limit the risk of misunderstanding of how cyber insurance works in practice.