Page 31 - EINF2022
P. 31
NON-FINANCIAL INFORMATION STATEMENT
3.4.
Action on data protection
Information security plays a key role in our business. It is one of our main, FireWall in HA FireWall New
essential assets for our management and therefore deserves our special Generation Controlled access
protection. It is also one of our material issues and one of the challenges of our Suppliers
industry (explained in Section 3 - Risks).
This issue is, on the one hand, included in point 2.) of our Code of Conduct,
detailing that we comply with current data protection regulations, processing SIEM-RAPID Internal Network
all personal information confidentially, and in our TWA Information Security Phish Threat Segmentation
Policy, which is duly regulated in TWGs IT Security Manual and which defines (awareness-raising) Perimeter Internal Network
Homogenisation
Certifications
the provision of an Information Security Committee with its corresponding security
function, which we understand to be of a high level. This Committee specifies
that the CISO is responsible for verifying and updating the Policy while the CTO is
responsible for implementation Cyber security Local network
audit security
During 2022, the incorporation of SAGE X3 ERP for TWL and SAP for TWA has
been established, which allows us a higher level of control and unification of
reporting. We have continued with the implementation of different tools for
monitoring and the continuous evaluation of our cyber security, defining use
case procedures, vulnerability resolution plans extensive to all devices, adequacy
monitoring in both areas (TWL and TWA), homogenising firewall infrastructures Security on Security of access
mobile devices
to network
and debugging the rules to the minimum necessary (from layer 4 to 7). During resources
the next year, we plan to continue to increase our cyber security, analysing per
application and proceeding with external and internal audits (which are already
underway), as well as increasing a new wifi communication infrastructure and
new firewalls in warehouses.
File
We have also certified VDA ISA (TISAX) at all our sites (including Germany) in security
TWA during 2022. ManageEngine STAS Sophos
MDM Antivirus Sophos
Next is the roll-out of our security measures:
AIP
Antivirus Sophos
We have not received any complaints in this regard during this period.
31
