ADP_REGISTRATION_DOCUMENT_2017

ORGANISATION CHART

RISK FACTORS

PERSONS RESPONSIBLE FOR THE REGISTRATION DOCUMENT AND ANNUAL FINANCIAL REPORT

STATUTORY AUDITORS

SELECTED FINANCIAL INFORMATION

INFORMATION ON THE COMPANY

BUSINESS OVERVIEW

REAL ESTATE ASSETS AND FACILITIES

REVIEW OF THE FINANCIAL POSITION AND INCOME

EQUITY AND CASH FLOWS

Risks linked to data protection and IT systems

RISK IDENTIFICATION

RISK MONITORING AND MANAGEMENT

In view of the challenges, the group’s data protection and IT system protection systems are based on:  group information protection and IT system security policies, which both contribute to compliance with Groupe ADP’s code of good conduct for data security, in the appendix to the rules of procedure of Aéroports de Paris;  dedicated organisations and governance with specifically:  a Strategic Committee for the Security of IT Systems which defines the IT system security strategy,  a Group Head of IT System Security (RSSI), responsible for the IT System Security Department,  an Information Protection Manager and a Civil Liberties Correspondent (CIL) appointed in 2013 with the French National Commission for IT and Civil Liberties ( Commission Nationale de l’Informatique et des Libertés - CNIL). The current context has led Groupe ADP to commit to a certain number of additional actions in 2017, including:  a major awareness raising plan for group staff, called Vigie Info, launched at the end of the year;  a compliance plan for the group to the RGPD currently being deployed;  a robustness diagnosis of its critical IT systems to meet regulatory obligations.

Data protection and IT systems are a major challenge for Groupe ADP. The risk of data leaks through negligence, malevolent acts or intrusion into IT systems may have a very significant impact on the Company’s image, reputation, robustness and performance if they were to occur. Large-scale global cyberattacks are increasingly frequent, as shown by Wannacry and Petya in 2017. The growing digitalisation of the group’s activities and the change in its working practices (telework) expose it to increased risks. In addition, the new regulatory obligations (with the entry into force in May 2018 of the new European regulation on personal data protection (RGPD) have led Groupe ADP to reinforce its vigilance and to deploy new actions in 2017.

04

Financial risk The main risks relating to Groupe ADP’s financial 5 instruments are credit risk, liquidity risk and market risk. The group’s main financial liabilities consist of bonds, bank loans, derivative instruments, finance leases, supplier debts and possibly overdrafts. The main objective of these financial liabilities is to fund Groupe ADP’s operating activities.

The group has other financial assets such as customer debts and cash, derivative instruments and short-term deposits that are generated directly by its activities. The derivative instruments used by the group, primarily interest rate swaps, are designed to manage interest rate risks linked to the financing used by the group.

25

AÉROPORTS DE PARIS  REGISTRATION DOCUMENT 2017

Made with FlippingBook Online newsletter