Exclusive Networks // Sustainability Report 2022
Ethics, fair practices, compliance and security Cybersecurity governance and organisation
consulting firm. They conduct tests and interviews to identify risky practices or any deviations and the corrective actions to be taken.
Management of the compliance programme Regular audits are conducted jointly by the Group’s Internal Audit department and an independent
Action
2022 results
Control, monitor and evaluate the implementation of the Group’s compliance programme [GRI 205-3]/SDG 16.5
14 audits carried out covering anti-corruption No proven cases of corruption identified No employees dismissed or sanctioned for corruption No conviction for corruption against the Exclusive Networks Group, one of its subsidiaries or one of its employees
The Exclusive Networks Group has set itself the objective that all countries will be audited at least every five years covering anti-corruption, and that the audit plan will cover 30% of the revenue.
6.3
Cybersecurity governance and organisation
The Group’s security strategy is proposed by the CISO and approved by the Cyber Defence Council, which reports to the Group Chief Information Officer (CIO), himself a member of the Group Executive Committee. To ensure effective deployment of the policy and related security measures, there is a functional link between the CISO and each of the local IT managers.
IT systems security organisation inside the Group Within the Exclusive Networks Group, the IT systems security department is under the authority of the Chief Information Security Officer (CISO). The CISO has full authority over the entire security infrastructure of the Group, both at the central level and in the countries where the Group operates.
Security organisation
Chief Technical Officer
Technical support
Group Executive Committee
Chief Information Officer
Chief Information Security Officer
Global Security Operations Center
Local technical teams
Cyber Defence Council
In parallel, the Global Security Operations Center (GSOC) department is in charge of managing security incidents in the entire Exclusive Networks Group, including local infrastructures and offices. To do so, the GSOC department performs the following three duties: monitoring, incident response and reporting on the entire security infrastructure of the Group worldwide;
deploying, configuring and managing all security infrastructure and devices to ensure a centralised, harmonised and automated global security standard; supporting the user helpdesk, infrastructure team and employees. The GSOC department is further supported by an external Managed Endpoint Detection & Response service, which monitors and deals with security incidents
63
Exclusive Networks
Sustainability Report 2022
Made with FlippingBook. PDF to flipbook with ease