Our Security System

Protection of people

People represent the main success factor in defining and achieving the Group's objectives. We are committed to protecting their Safety and Security, in Italy and abroad, by supporting our Management in the fulfillment of the Duty of Care required by Italian and EU regulations and, where applicable, by the regulations in force in the destination countries.

As part of our commitment to continuous improvement, we have decided to integrate the guidelines contained in the international standard "UNI ISO 31030:2021 Travel Risk Management - Guidance for Organizations" within our travel risk management model, which, following a rigorous Risk Management approach, allows us to identify and assess the risks which are present in the different destinations, inform and train stakeholders, and activate prevention and/or mitigation measures. To this purpose, since 2023 we drafted the Travel Risk Management Policy, signed a Memorandum of Understanding with the Ministry of Foreign Affairs aimed at consolidating an already-vibrant public-private collaboration, and started to work on the necessary adjustments to the internal processes and procedures of the Travel Risk Management operating model to be fully compliant with ISO 31030 standard in 2024.

Finally, we prepare the company, through periodic updates and exercises, to deal with crisis situations that might involve personnel abroad, by monitoring the emergence of possible threats (Early Warning) and by coordinating the response to critical situations, through Crisis Committees chaired by the Employers and supported by the functions involved in the TRM process or deemed necessary to manage the single, specific event.

Protection of information

Information is of vital importance for business operations and the maintenance of strategic advantage. For this reason, we assign value to information based on its significance both inside and outside the Company, whether operational or strategic in nature, and considering the potential negative consequences for the Company and its employees in the event of unauthorized access, loss, and/or destruction. We also implement the necessary security measures to ensure its protection, availability, and integrity, assessing every action needed to ensure proper use. This is done through organizational procedures that include internal classification, physical safeguards with access and distribution restrictions, digital protection, and defined retention criteria. With regard to information governed by State Secret regulations, the Company has acquired and maintains a special authorization issued and certified by the National Security Authority. This allows us to manage information of strategic and military interest in accordance with national legislation and international agreements concerning classified contracts with foreign nations. In this context, we operate in full compliance with national and international regulations, promoting awareness of relevant legislation and ensuring continuous training for designated personnel.

Protection of physical assets

Physical assets represent an indispensable means for operational continuity and the achievement of business objectives. For their safeguarding, we adopt a physical security risk assessment methodology based on international best practices, with the aim of identifying and updating appropriate containment actions, whether they are of a physical, technological, and/or organizational nature, implemented in harmony with each other and in compliance with specific industry regulations. Furthermore, the implemented security measures are constantly monitored for their effectiveness and adjusted in relation to any changes in the security level.

Protection of business integrity

We are committed to upholding the principles of legality, ethics and transparency – essential foundations of sustainable business - thorough a rigorous process of reputational screening of our supply chain. The integrity due diligence activities conducted on third parties help safeguard our business from criminal infiltration.

In this regard, remaining attentive and vigilant to any potential interference that could compromise the integrity of our business and of our conduct in the market, we have strengthened and expanded public-private partnership initiatives by means of:

• the signing of a new Legality Protocol with the Italian Ministry of the Interior, which enhances existing procedures and promotes a widespread culture of legality, protecting both Fincantieri and the trust of our stakeholders;

• the signing of the "Memorandum of understanding relating to collaboration relationships between Guardia di Finanza and Fincantieri S.p.A." that strengthens prevention and collaboration providing for joint action aimed at protecting legality, with a focus on preventing and combating economic and financial illegality, fraud, corruption, and irregular work.

More generally, the protection of our Company requires the knowledge of anything could expose our business; for this reason, we constantly feed our knowledge base with a continuous threat intelligence process aimed at identifying and constantly evaluating criminal threats.