TECHNICOLOR_REGISTRATION_DOCUMENT_2017
3 - RISKS, LITIGATION AND CONTROLS Internal control
Preparation of financial information The Group’s financial information is prepared by the Finance Department. It is based on information reported through the Annual Reporting and consolidation processes and on operational and market information, which is specifically centralized for the preparation of the Company’s Registration Document. The latter is prepared jointly by the Finance Department and the General Secretary of the Company. The quarterly, half-yearly and annual financial information is reviewed by the Audit Committee and the Board of directors. Prior to being published, the above financial information is also reviewed by members of the management team and senior managers within the Corporate Finance and Legal Departments, each for their respective fields. OTHER INTERNAL CONTROL 3.3.5 PROCEDURES Information Technology Security Procedures The Chief Information Officer (hereafter the “CIO”) leads the Technicolor’s IT organization and is supported by a leadership team composed of senior IT and business managers. The managers either directly support each of Technicolor’s businesses or support shared service IT functions and applications used worldwide by the entire organization (global infrastructure & Risk Management, Information Security, Enterprise Applications and Corporate Functions). IT organizations collaborate closely with other internal security entities, such as the Technicolor Security Office (TSO), to align IT solutions, services and products with established security policies, procedures and best practices. These individuals are experienced IT professionals with a broad background and are well versed with the businesses and technologies they support. They ensure that the IT tools, services, and applications used by all Technicolor sites and businesses ( e.g . e-mail, networks, phone systems, cloud platform evolution and operation, collaboration tools, video conferencing, web technologies, business intelligence tools, business and risk management tools and processes and the Technicolor Production Network) are operated and managed in an efficient, cost-effective, safe and secure manner. In addition, the IT organization provides Enterprise Architecture for new technologies, IT Vendor Management and Enterprise Project & Portfolio Management used to govern, regulate, and manage the IT organization (regulatory compliance, internal IT standards and best practices, project and project portfolio management processes)
ensuring that IT is properly aligned with the corporation’s strategic objectives. This function leverages the IT 3-Year Plan to ensure that proposed new Technology and applications are planned and executed in a rational, holistic manner that encompasses both technical and business process impacts and encourages use across the corporation. Security of people and assets, including cybersecurity [G4-DMA Customer privacy] GRI Security is key priority and an overall enterprise topic that affects each of our Business Divisions in different ways. For Entertainment Services, Studios assign their projects only to companies that meet their content security standards. Technicolor’s facilities and digital networks must succeed customer initiated, security audits to win new contracts and to maintain client relationships. The TSO (Technicolor Security Office) play a strong role in preparing and assisting in such audits. Security is also important for the Connected Home business. As devices are increasingly more open and complex, they are exposed to greater security risks. Security can be a real market differentiator. TSO helps Connected Home to deliver secure devices to their customers, and to adapt its product security posture to current threat levels. For the Technology segment, confidentiality is essential to protect Technicolor’s patents. In general, our innovations, our sensitive information, our private data can be privileged targets for business intelligence. As such the TSO, was established in 2011 to define the Security Strategy at the Group level. Led by the Chief Security Officer, the TSO establishes priorities, defines best practices, monitors current implementations, develops common metrics and promotes the security tools for the Group. The key areas of focus for the TSO are physical, digital and business security which are all covered as part of a Security 3YP that is organized around four main pillars: Foundational, Protect, Detect and Respond & Recovery. Each pillar contains categories of initiatives (23 in total) that highlight the key areas of focus and progress. A cross function security team is in place being the main contributor in executing the 3YP. This team is comprised of: TSO-Assessment Team (AT), TSO-Physical Security, Content Security, Security Operating Center (SOC), IT Security and Governance, Risk and Compliance (GRC).
68
TECHNICOLOR REGISTRATION DOCUMENT 2017
Made with FlippingBook Annual report