Tag: board briefing

28 Apr 2026
Business meeting: a presenter explains a flowchart on a blue screen to colleagues around a large conference table.
Executive Presentations Mary Beth Hazeldine 0 comment

Restructuring Presentation: How to Brief Your Board on Organisational Change

Quick answer: A restructuring presentation should open with the strategic rationale for change, move into the proposed structure with clear reporting lines, outline the implementation timeline with decision gates, and close with a risk assessment that shows the board you have anticipated the hardest questions. Keep the deck under 15 slides and lead with the business case, not the org chart.

Benedikt had led transformation programmes across two continents, but when the CEO asked him to present the restructuring case to the board, he found himself staring at a blank slide deck for three days. The problem was not a lack of information. He had the financial models, the headcount projections, the market analysis. What paralysed him was the knowledge that twelve non-executive directors would be evaluating not just his proposal, but his judgement. Every slide would signal whether he understood the human cost of what he was recommending. Every data point would be weighed against the reputational risk the board was being asked to accept.

He spent the first two days building a 38-slide deck that walked through every scenario. Then his CFO looked at it and said: “This is a data dump, not a decision framework.” That feedback changed everything. Benedikt stripped the deck back to 14 slides, led with the strategic case, and built the rest around the three decisions the board actually needed to make. The restructuring was approved in a single session.

If you are preparing to present organisational change to your board, the structure of your argument matters more than the volume of your evidence. Here is how to build that structure.

Building a restructuring deck from scratch?

The Executive Slide System gives you ready-made templates for board-level restructuring presentations, including strategic rationale slides, implementation timelines, and risk frameworks you can adapt in minutes.

Explore the System →

Why Most Restructuring Presentations Fail at Board Level

The most common mistake in a restructuring presentation is treating it as a status update. Executives walk into the boardroom with slides that describe what is changing: new reporting lines, merged departments, headcount reductions. But the board does not need a description of the change. They need a decision framework that tells them why this change is necessary now, what happens if they delay, and what the organisation looks like on the other side.

Board members sit across multiple organisations. They have seen restructurings that saved a business and restructurings that accelerated its decline. The difference almost always comes down to whether the presenter understood what the board was actually evaluating: not the org chart, but the quality of thinking behind it.

Three patterns consistently undermine board confidence:

  • Leading with the solution before the problem. When the first slide shows the new org chart, the board immediately starts poking holes. They have not yet accepted the premise that change is necessary.
  • Treating headcount numbers as self-explanatory. “We are reducing from 340 to 285” tells the board nothing about capability retention, institutional knowledge, or delivery risk.
  • Hiding the hard questions. If your deck does not address the worst-case scenario, the board will assume you have not thought about it.

When you are presenting change to stakeholders, the sequence of your argument is your most powerful tool. The board needs to arrive at the decision you are recommending through their own reasoning, not because you told them the answer on slide two.

Executive Slide System

26 templates, 93 AI prompts, 16 scenario playbooks.

Build your restructuring deck in one sitting instead of three painful weeks.

£39 — Instant Access

Building the Strategic Rationale Your Board Needs First

Before you open your slide software, answer one question: why now? The board will ask this within the first five minutes, and if your answer is weak, nothing else in the deck will recover their confidence. “Because the market has shifted” is not sufficient. You need to connect the restructuring to a specific strategic pressure that the board already recognises.

The strategic rationale section of your deck should follow a tight three-part structure:

1. The current state and its limitations. Use no more than two slides to show where the organisation sits today. Focus on the structural constraints that are limiting performance or creating risk. This is not a SWOT analysis. It is a diagnosis of why the current structure cannot deliver the next phase of strategy.

2. The strategic imperative. One slide that connects the structural limitation to a business outcome the board cares about. Revenue at risk. Regulatory exposure. Competitive positioning. This slide is the hinge of your entire presentation. If the board accepts this premise, the rest of the deck flows logically.

3. The cost of inaction. Boards are loss-averse. Show them what happens if the organisation does nothing for 12 months. Quantify it where you can, but even a qualitative assessment of competitive erosion or talent flight is more persuasive than silence.

Notice that you have not yet shown the new org chart. That is deliberate. The board needs to accept the problem before they will evaluate the solution fairly.


Infographic showing the three-part strategic rationale structure for a board restructuring deck: current state, strategic imperative, and cost of inaction

Structuring the Implementation Timeline and Decision Gates

Once your board accepts the strategic case, their next concern is execution risk. They want to know that you have a plan that can be paused, adjusted, or reversed if assumptions prove wrong. This is where your timeline slide becomes critical.

A strong implementation timeline does three things simultaneously. It shows the sequence of changes, it identifies the decision points where the board retains control, and it makes visible the dependencies between workstreams. The worst version of this slide is a Gantt chart with forty rows. The best version is a phased roadmap with three to four stages, each ending at a board review gate.

Here is a framework that works across most organisational restructurings:

  • Phase 1: Design and consultation (weeks 1-6). Finalise the target operating model. Begin formal consultation where required. Board gate: approve the final structure before any announcements.
  • Phase 2: Communication and selection (weeks 7-12). Internal announcement. Role matching and selection processes. Board gate: review any escalated cases or legal risks before proceeding.
  • Phase 3: Transition and stabilisation (weeks 13-20). New structure goes live. Performance monitoring against baseline metrics. Board gate: six-week review of operational stability.

The decision gates are what separate a credible plan from an optimistic one. When you are presenting difficult news to senior leadership, showing that you have built in checkpoints tells the board you understand that not every assumption will hold. It gives them confidence to approve the overall direction while retaining oversight of the details.

One detail that is easy to overlook: your timeline must account for legal and regulatory requirements. Employment law consultation periods, union engagement, regulatory notifications. If these are missing, your board’s legal counsel will flag them immediately, and you will look underprepared.

The Executive Slide System includes phased timeline templates with built-in decision gates that you can adapt to your restructuring scope.

The Risk Assessment Slide That Earns Board Confidence

Most presenters treat the risk slide as an obligation. They list four or five risks, assign traffic-light ratings, and move on. This approach signals to the board that you are going through the motions rather than genuinely engaging with what could go wrong.

A risk assessment that earns confidence does something different. It shows the board that you have already stress-tested your proposal against the scenarios they are most worried about. Structure it around three categories:

Execution risks: What happens if the consultation process takes longer than planned? What if key talent leaves during the transition? What is the minimum team capability you need to maintain business-as-usual operations during the change?

Reputation and stakeholder risks: How will clients react? What is the communications plan for external stakeholders? If the restructuring becomes public before you are ready, what is the holding statement?

Financial risks: What are the one-off costs? What if the projected savings take six months longer to materialise? Where is the break-even point?

For each risk, show the mitigation. Not a vague “we will monitor this” but a specific action with an owner. Boards do not expect zero risk. They expect you to have thought about it with the same rigour you applied to the benefits case.

One technique that works particularly well: include a “what we decided not to do” slide. Show the board the alternatives you considered and why you rejected them. This demonstrates the depth of your analysis without adding slides to the main proposal.

Turn your restructuring rationale into a board-ready deck

The Executive Slide System includes risk assessment frameworks, stakeholder mapping templates, and scenario playbooks designed for organisational change presentations. 26 templates, 93 AI prompts, 16 scenario playbooks.

£39 — Instant Access

Delivering the Restructuring Message Without Losing the Room

The slides are only half the challenge. How you deliver a restructuring case determines whether the board engages with your proposal or retreats into scepticism. The stakes are high enough that your delivery needs to match the gravity of the decision without tipping into anxiety.

Start by acknowledging the weight of the decision. A single sentence at the opening: “I understand this decision affects people’s livelihoods, and I have approached this work with that in mind.” This is not performative empathy. It signals to the board that you are not treating headcount as an abstraction, which is a concern that sits behind many of their questions.

Control your pacing. The natural instinct when presenting difficult content is to speed up, to get through the uncomfortable slides quickly. Do the opposite. Slow down on the rationale slides. Pause after the cost-of-inaction slide. Give the board time to process before you move to the solution.

Anticipate the challenge questions and build your responses into the deck itself. If you know the chair is concerned about talent retention, include a slide on your retention strategy. If the audit committee will focus on restructuring costs, have a detailed cost waterfall ready as a backup slide. The best board presentations are the ones where the presenter appears to have read the room before entering it.

If the pressure of the room itself concerns you, that is worth addressing separately. Presenting restructuring proposals is among the most high-pressure scenarios an executive faces, and the physical symptoms of that pressure, the racing heart, the dry mouth, can undermine your credibility even when your content is strong. There are specific techniques for managing presentation anxiety that apply directly to board-level delivery.

Finally, close with a clear ask. Do not end on a summary slide. End on a decision slide: “I am asking the board to approve the restructuring framework, delegate implementation authority to the executive team, and schedule a Phase 1 review in six weeks.” Give them something specific to vote on. Ambiguity at the close is what sends proposals back for “further work.”


Infographic showing a board-level organisational change delivery checklist with pacing, empathy, and decision-slide guidance

Frequently Asked Questions

How many slides should a restructuring presentation have?

Aim for 12 to 15 slides in the main deck, with an additional five to eight backup slides for detailed questions. Board members lose focus after 20 minutes of slides, so your core argument needs to be tight. Use the backup deck for detailed financial models, legal timelines, and scenario analyses that you expect specific board members to request.

Should I share the restructuring deck with the board before the meeting?

Yes, with caveats. Send the deck 48 hours before the meeting with a one-page cover note summarising the proposal and the decision you are seeking. This gives non-executive directors time to prepare their questions, which actually works in your favour. Surprises in the boardroom create resistance. Pre-reading creates informed challenge, which is easier to manage and produces better decisions.

How do I handle board members who oppose the restructuring during the presentation?

Acknowledge the concern without becoming defensive. Use the “what we decided not to do” slide to show that you considered alternatives. If a board member raises a scenario you have not addressed, say so honestly: “That is a fair challenge. I would like to come back with analysis on that specific point before the next gate.” Boards respect intellectual honesty far more than forced confidence. The worst response is dismissing the concern or insisting your analysis already covers it when it clearly does not.

Join The Winning Edge

Weekly strategies for executives who present at board level. Tactical, concise, no fluff.

Subscribe Free

Want a quick-reference checklist before your next board presentation? Download the free Executive Presentation Checklist.

Mary Beth Hazeldine | Owner & Managing Director, Winning Presentations. With 24 years of corporate banking experience at JPMorgan Chase, PwC, Royal Bank of Scotland, and Commerzbank, she advises executives across financial services, healthcare, technology, and government on structuring presentations for high-stakes funding rounds and approvals.

29 Mar 2026
Crisis boardroom briefing setting with urgent presentation slides on screen during a data breach response
Crisis & Difficult Conversations Mary Beth Hazeldine 0 comment

The Data Breach Presentation: How to Brief the Board When Security Has Failed

A data breach presentation to the board must prioritise transparency, containment status, and remediation roadmap. Structure your briefing with immediate facts first, then severity assessment, affected parties, response measures, and governance improvements—delivered with composure and accountability, not excuses.

I remember sitting with the CRO of a mid-sized fintech company the morning their payment processing systems were compromised. His instinct was to minimise the incident, talk about their strong security posture, and focus on the rapid remediation. But the board didn’t need reassurance—they needed truth. When he pivoted to a clear, facts-first briefing that acknowledged the breach severity, explained exactly how it happened, and outlined the decisive steps already underway, the room shifted. The board moved from alarm to alignment. That presentation became the template I’ve now refined across banking, healthcare, and technology firms facing their own security crises. The lesson: transparency and accountability rebuild trust faster than any defensive narrative.

The Challenge

You’re in crisis mode. Incident response teams are working round the clock, legal and compliance are engaged, but now you face the board. This presentation sets the tone for the organisation’s response and determines whether leadership retains stakeholder confidence. Get it wrong, and you compound the crisis. Get it right, and you lead recovery.

How to Structure a Data Breach Presentation

The moment you call a data breach presentation, the board expects a specific framework. This isn’t the place for storytelling or gradual reveals. Your structure must signal control, transparency, and a clear remediation path.

Begin with what happened: the discovery method, date detected, and date of incident. Follow with scope: how many records, which systems, which customer populations. Then move to response: what’s been done since discovery, what’s in progress, what external parties have been engaged. Finally, present governance: the investigation findings, root cause, and prevention measures being implemented.

Each section must answer the question the board is actually asking: Is this controlled? Do we understand it? Are we managing the fallout? What have we learned?

Your slides should be clean, data-heavy, and devoid of jargon. Board members want to understand the incident without needing a security degree. If you can’t explain your response in plain English, you haven’t thought it through well enough.

Master Board Presentations Under Pressure

The Executive Slide System gives you frameworks for every high-stakes conversation—including crisis management. Slide templates, speaker notes, and board communication protocols designed for banking, healthcare, and regulated industries.

Executive Slide System — £39

Includes crisis communication templates

Opening with the Facts: What Happened and When

Your opening slide should contain three elements: the discovery date, the incident date, and the notification status. Don’t bury these. Put them at the top in large text. Boards appreciate efficiency.

For example: “Breach discovered 14 March 2026. Incident occurred 7–12 March 2026. Regulatory notification completed 15 March. Customer notifications in progress.” That’s it. One slide. One minute of your time.

Then explain how you discovered the breach. Was it a third-party security researcher? Your own monitoring systems? A customer report? An attack pattern? The method matters because it tells the board whether your detection capabilities are strong or weak. Be honest. If you relied on external discovery, acknowledge it and explain what’s being upgraded in your monitoring infrastructure.

Next, outline the attack vector. How did they get in? Vulnerable plugin? Credential compromise? Supply chain weakness? Social engineering? Don’t speculate. Present only what your forensic investigation has confirmed. If the root cause isn’t yet clear, say so. Speculating damages credibility more than admitting you’re still investigating.

Finally, confirm whether the breach has been contained. Is the attack surface still open, or has it been sealed? Are you confident the attacker no longer has access? This single answer determines whether the board moves to the next question or stops you with follow-ups. If containment is partial or uncertain, be explicit about it and explain the timeline to full containment.

Scope and Impact: Who and What Was Affected

After establishing what happened, the board needs to understand the size of the problem. This section requires precision. Vague numbers erode trust faster than difficult truths.

Present the affected data categories clearly: customer names and email addresses (number of records), payment card information (last four digits only, ideally), NHS numbers, employee data, or proprietary information. Be specific about each category. A breach affecting customer emails is materially different from one affecting payment cards, and the board needs to distinguish.

If the breach is geographically dispersed, break it down by region. GDPR-regulated data? HIPAA-covered records? Payment Card Industry data? This determines your notification and regulatory burden, and the board needs to see that you’ve already mapped these obligations.

Include a timeline slide showing the discovery window and remediation milestones. Boards want to see momentum. If your timeline shows discovery on day one and containment on day two, that’s strong positioning. If it shows a month-long gap between incident and discovery, the board will ask harder questions about your monitoring.

Data breach board briefing dashboard showing four critical elements: core slides, update cycle, decision ask, and stakeholder groups

Don’t speculate about impact. If you don’t know whether customers have suffered fraud, say so. If no fraudulent transactions have been reported yet, that’s worth noting, but don’t claim it as evidence of safety. Fraudsters often sit on stolen data for months before monetising it. Responsible communication means saying what you know and don’t know, and explaining your monitoring for future misuse.

Close this section by explicitly confirming whether this is your organisation’s first breach, or whether there are previous incidents in your history. Boards need to see whether this is an isolated incident or a pattern of security weaknesses. If it’s your second breach in three years, that changes the narrative significantly, and the board will expect more aggressive remediation and governance changes.

Immediate Response and Containment Measures

This is where you demonstrate leadership. The board is watching to see whether your organisation has a rehearsed, competent response or whether you’re improvising under pressure.

List the actions taken immediately upon discovery: isolation of affected systems, engagement of external forensic investigators, notification of your insurer, engagement of breach counsel, and escalation to the board and audit committee. If you’ve already done these things, say so with dates. If you’re still in the process, say that too.

Introduce your response team: Who is the incident commander? Who is leading the forensic investigation? (Name the external firm if you’ve engaged one—it signals seriousness.) Who is managing regulatory notification? Who is handling customer communications? Boards trust clarity. If the response is fragmented or unclear, confidence drops.

Then outline the ongoing remediation: system hardening, patching, access reviews, enhanced monitoring, infrastructure changes. Give timeline estimates for each. Be realistic. If you’re six weeks into a twelve-week remediation, say so. Overpromising fixes erodes trust.

Close by addressing cyber insurance. Have you made a claim? What is your coverage limit? What portion of costs will be covered? Boards care deeply about financial impact, and insurance is often the most material mitigation. If your coverage is inadequate for this incident, the board needs to know now and understand why you’ll be proposing coverage increases before the next renewal.

Present with Executive Clarity

The difference between a crisis that destroys confidence and one that proves your leadership is how you present it. The Executive Slide System includes dark mode templates, data visualisation examples, and voice patterns for high-stress briefings—tested with C-suite executives and board chairs across banking and healthcare.

Executive Slide System — £39 →

External Communication and Regulatory Reporting

The board must understand your communication obligations and strategy before the breach becomes public. Present your notification timeline, template letters (redacted for the board), and the sequence in which stakeholder groups will be informed.

In the UK, GDPR requires notification to the Information Commissioner’s Office within 72 hours if there is high risk to individuals. Are you meeting this deadline? If not, explain why not and when you will. If the breach isn’t reportable to the ICO, explain that too—it shows you’ve done a legal assessment rather than over-reporting.

For payment card data, PCI-DSS requires notification to card networks and potentially customers. Are you engaging payment processors and card schemes? Have you involved your acquiring bank? The board needs to see that you understand your contractual and regulatory obligations.

Present your customer communication strategy. Will you email, phone, or offer a portal where customers can check whether their data was involved? Will you offer free credit monitoring? The board will want to know your cost estimate for this. If you’re committing to paid identity protection for affected customers, that’s a material expense and requires board visibility.

Also address media strategy. Have you engaged a PR agency? What is your public statement? Will the CEO do interviews, or will you refer all inquiries to a designated spokesperson? The board will want to know whether you’re being transparent with the press or defending the breach defensively. Transparency usually plays better with media and the public.

Finally, address staff communication. Employees often hear about breaches through news first, which damages morale. Have you prepared an all-hands briefing explaining what happened, whether employee data was involved, and what the organisation is doing to prevent recurrence? This matters more than many executives realise. Your people need to believe you’re taking this seriously.

Recovery and Prevention: The Path Forward

The final section is the pivot from crisis to leadership. Boards remember organisations that not only survive breaches but demonstrate they’ve learned from them and made meaningful improvements.

Present your investigation findings: the root cause, the failure points, and the systemic weaknesses this breach has exposed. Don’t soft-pedal this. If your monitoring was inadequate, say so. If your patch management was slack, admit it. If you had a known vulnerability that wasn’t prioritised, own it. Boards respect organisations that face difficult truths rather than make excuses.

Then outline your remediation roadmap. What specific changes are being made to prevent recurrence? Upgraded security monitoring? Enhanced access controls? Penetration testing? A new Chief Information Security Officer? Updated incident response playbooks? Each item should have a owner, a timeline, and a success metric.

Address governance improvements. Will the board now receive monthly cyber updates rather than quarterly? Will you establish a board-level cyber committee? Will CISO reporting change? These changes signal that leadership takes the risk seriously and is willing to restructure governance to match.

Also present your cyber insurance and risk transfer strategy going forward. Are you increasing coverage? Changing providers? Adding additional coverage for extortion or reputation damage? Regulatory and compliance presentations often gloss over insurance, but the board will expect a clear strategy here.

Four-stage breach response roadmap: contain, assess, communicate, and recover

Finally, present your communication plan for this conversation. How will you communicate the board’s confidence in the response to employees, customers, and investors? If the board passes a resolution affirming management’s handling of the incident, that’s a signal to the market that governance is strong. Include this in your planning.

Close this section—and the core content—with a personal commitment from the executive leading the response. The board needs to hear that someone is personally accountable and will see this recovery through. Not a vague “the team is committed” statement, but a clear “I am leading this and I will report monthly on our progress” commitment. This transforms the conversation from a crisis briefing to a leadership moment.

If you’re preparing for a board briefing after a breach and need to sharpen your messaging, the Executive Slide System includes crisis communication templates and speaker notes tested in actual board rooms.

Frequently Asked Questions

How much detail should you provide about the attack vector?

Provide enough detail so the board understands the risk, but not so much that you’re revealing operational security information. Say “a vulnerability in our third-party email plugin” rather than the specific CVE number or patch details. The board needs to know the category of failure (third-party risk, credential compromise, supply chain) so they can understand your remediation approach. Your detailed forensic report goes to audit committee members with restricted distribution, not the full board.

What if the breach is ongoing and you haven’t yet achieved full containment?

Be transparent about the containment status and timeline. “We have contained the payment processing vulnerability as of this morning. We are still monitoring the attacker’s activity on one legacy system, which we expect to fully isolate by end of week.” Boards understand that some breaches take time to fully contain. What they won’t tolerate is discovering later that you misrepresented the containment status in this briefing. Err toward transparency every time.

Should you recommend board-level changes to cyber governance, or wait for the board to ask?

Recommend them proactively. You have the information; the board is responding to you. If you believe monthly cyber updates are warranted, propose them. If your CISO should report directly to the board rather than the CIO, recommend it. This positions you as forward-thinking and accountable, not defensive. The board may reject your proposals, but they’ll respect that you thought through the governance implications of this breach rather than hoping they won’t notice the gaps.

Strengthen Your Board Communication

Subscribe to The Winning Edge for frameworks on high-stakes presentations, board confidence, and executive communication under pressure.

Join the Newsletter

Get the Executive Presentation Checklist free—15-point quality control framework for any board presentation.

More in This Series

Today’s articles cover governance updates, revenue forecasts, and managing presentation anxiety for challenging audiences. All part of the crisis and difficult presentation cluster.

A data breach presentation is not the moment to defend your past decisions. It is the moment to prove you can lead through a crisis with transparency, accountability, and strategic vision. Get those three elements right, and the board will support your recovery.

Mary Beth Hazeldine is Owner & Managing Director of Winning Presentations. With 24 years of corporate banking experience at JPMorgan Chase, PwC, Royal Bank of Scotland, and Commerzbank, she advises executives across financial services, healthcare, technology, and government on structuring presentations for high-stakes funding rounds and approvals.

© Winning Presentations Ltd. All rights reserved 2025