Home | ESG | Governance | Data privacy and information security
星火电竞手机版外围’s Information Security and Privacy Office resides within its Group Risk structure. The 星火电竞手机版外围 Privacy Office was established to address global ICT legislative and regulatory compliance in all of the locations in which 星火电竞手机版外围 operates, and relationships are maintained with ICT regulatory experts to account for all relevant legislation and regulations in our planning and control implementation.
Management direction is provided through information security and privacy policies, signed off by the Chief Financial Officer, representing the Board. These policies inform a centre-led Minimum Information Security Standard which is adopted within each of 星火电竞手机版外围’s operating companies. This standard has been intentionally aligned to the Deming cycle as advocated within ISO 27001.
At the operational level, 星火电竞手机版外围 manages security matters through the Digital and IT Risk Committee which meets on a monthly basis and is chaired by the Group Risk Executive. Members of the Digital and IT Risk Committee have long-standing information security experience and IT qualifications.
The Audit and Risk Committee, a sub-committee of the Board, meets quarterly and provides oversight on matters including data privacy and cyber security. The committee comprises exclusively non-executive board members, with select management representatives of the company attending as invitees, including the Executive Vice President: Digital & IT as chair of the Digital and IT Risk Committee.
In line with our 星火电竞手机版外围 Minimum Information Security Standard, 星火电竞手机版外围 annually assesses its capabilities against the explicit requirements of ICT legislation, as well as ISO27002 and the BS10012 Data Governance Standard to assess maturity against best practice.
To ensure effective implementation of the standard, Information Security Representatives at operating company level are regularly trained, and ongoing awareness campaigns are provided to the general employee base.