Upholding Good Governance and Economic Resilience Integrated Annual Report 2024 SECTION 5 • DELIVERING SUSTAINABLE VALUE FOR OUR STAKEHOLDERS 129 WHY IT MATTERS ? OUR APPROACH CUSTOMER DATA PRIVACY AND INFORMATION TECHNOLOGY GRI 3-3, GRI 418-1 Capitals SDGs M8 F I H As technology and digital connectivity continue to expand, protecting customer data privacy and strengthening cybersecurity resilience are essential to safeguarding sensitive information and trade secrets from unauthorised access or misuse. A significant data breach may pose a substantial risk with potential consequences such as identity theft, financial fraud, and reputational damage. To address these challenges, robust cybersecurity measures must be in place to mitigate cyber threats and attacks in ensuring business continuity, maintain stakeholder trust, and uphold the integrity of operations in an increasingly digital landscape. Press Metal has established an Information Technology (“IT”) Policy, which serves as an authoritative guide for all authorised users. This policy outlines the principles of responsible and ethical use of IT facilities, placing emphasis on protecting our systems from potential damage or liability arising from unlawful or inappropriate conduct. By setting expectations and protocols, it underpins the integrity and security of our technological ecosystem, ensuring adherence to the standards of diligence and accountability. In alignment with the evolving legal and regulatory framework, the IT Policy undergoes annual review to maintain relevance in the digital landscape. In strengthening our cybersecurity framework, we have deployed a suite of IT-based protective measures, including firewalls and other security mechanisms that are engineered to safeguard our systems from external threats — such as cyberattacks, malware, and unauthorised intrusions — that pose significant risks in today’s interconnected world. To maintain our safeguards, we implement periodic updates to our firewalls and internal networks, enhancing IT governance and bolstering cybersecurity resilience. This approach mitigates vulnerabilities, enabling our technological infrastructure to remain robust and secure against potential risks. Integral to our cybersecurity protocol, the IT Infrastructure unit adheres to a cyber hygiene checklist, embedding industry practices to detect and prevent security incidents. This checklist includes an IT security checklist, internal audits, and annual cybersecurity vulnerability assessments. To further strengthen oversight, we had established an IT Compliance & Security Team tasked with supervising IT policies, standard operating procedures, cybersecurity protections, and governance protocols to comply with regulatory alignment. Software Development Policy – Standardises and structures the software development process. For IT Administrators Business Intelligence Administrative Policy – Focuses on data security and compliance with legal and company policies. Operational Technology (“OT”) Network Connectivity to Production Network Policy – Ensures secure connections between OT and Production networks. IT Equipment Relocation Policy – Guides safe relocation of IT equipment to protect data and prevent damage. Bring Your Own Device Policy – Ensures the security of company data when using personal devices for work. Business Intelligence Use Policy – Governs the use of Business Intelligence tools, ensuring compliance with data privacy and security practices. For IT Users
RkJQdWJsaXNoZXIy NDgzMzc=