of businesses are certified with international standards on data and information security
Cybersecurity and Data Protection Management Approach
Charoen Pokphand Group's management approach and policy commitment to cybersecurity and data protection are characterized by a proactive and holistic strategy that places the utmost importance on safeguarding sensitive information across all aspects of its operations. The Group has taken a forward-thinking approach that prioritizes ongoing innovation and development in its security procedures since it is aware of the constantly changing landscape of cyber threats and the possible impact on its different operations.
The foundation of C.P. Group's cybersecurity strategy is a strong risk management system that spots possible weaknesses and promptly resolves them. The Group undertakes thorough risk assessments on a proactive basis, taking into account not only technological factors but also human variables and outside dangers. The team can put the right steps in place to successfully mitigate possible cyber events by staying ahead of developing risks.
C.P. Group rigorously complies with all applicable international standards and best practices to keep its policy commitment to data privacy. To guarantee the confidentiality, integrity, and accessibility of its information assets, the Group makes investments in cutting-edge technology and implements strict access restrictions, encryption methods, and data monitoring tools. To promote a culture of security awareness and accountability throughout the organization, the Group also continuously educates its employees and suppliers about cybersecurity best practices.
Additionally, by actively interacting with relevant regulatory organizations and industry associations, C.P. Group shows its dedication to cybersecurity and data protection. The Group takes part in cooperative projects to exchange best practices, provide threat intelligence, and help create cybersecurity standards. This dedication benefits the larger corporate community by improving not only the Group's cybersecurity posture but also security standards across the board.
Cybersecurity and Data Protection Governance
In today's digital world, protecting our organization's data and maintaining our stakeholders' privacy is critical. The Group is resolute in our commitment to cybersecurity and data protection governance, and we have put in place strong safeguards to secure sensitive information while cultivating a culture of responsible data management. With this in mind, the Group has a Cybersecurity Steering Committee which is overseen by C.P. Group’s CEO. The committee also comprises executives from different departments who are equipped with knowledge and skills in relation to information security and cybersecurity. In addition to the Cybersecurity Steering Committee, the Group also has a Chief Information Technology Officer to oversee Group’s cybersecurity implementation and protection of all data.
Cybersecurity and Data Protection Activities and Training
Communicate policies and practices related to information security at the group level.
In 2022, the Group established and reviewed policies and practices related to information security at the Group level. and communicated with representatives responsible for information security from various business groups. There are participants from all BUs or 409 persons. The objective is to determine the direction and the process to harmonize in the same direction. The communication content covers information security and cyber security risk assessment and analysis, information security strategy and measures, information asset management, vulnerabilities assessment, detection of abnormal incidents that violate information, and cyber security.
Internal information security self-assessment
CPPC, a business under Charoen Pokphand Group, encourages 100% of employees to attend training and self-assessment in information security. The objective is to create understanding and awareness of cyber threats in various forms. Measures and observation points to protect yourself from cyber scams. At the same time, it is a guideline for employees to protect the cyber security of the organization. After that, the employee need to pass self-assessment, which enable employees to have self-immunity and be able to share their knowledge to other.