PRINT
We are a strategic asset for the country, therefore the protection of our resources, starting with human capital as well as tangible and intangible assets, is of vital importance for the entire Company, for shareholders and for “Sistema-Italia”.
With this in mind, we are committed to develop, incorporate and disseminate, within the Group, the best practices, standards and guidelines to identify, manage and mitigate our security risks in compliance with human rights, with the belief that effective prevention and protection strategies are an ethical as well as an economic value in management and business activities.
From this point of view, we ensure a constant process of security risk management, aimed at guaranteeing the highest level of protection for employees and tangible and intangible assets in order to achieve our social and business development objectives.
In this process - with a view to achieving comprehensive security levels - we constantly seek an informed and responsible adherence of all employees who, through their active involvement, enable the dissemination of the security culture in all our workplaces.
As stated in our Policy, the Security Function is entrusted with the exclusive task of protection and safeguard, which is declined in 4 main dimensions:
- Protection of persons;
- Protection of information;
- Protection of physical assets;
- Protection of business integrity.
WHICH OBJECTIVES DO WE HAVE ON THIS TOPIC?
Governance and business integrity: 2018-2022 Sustainability Plan objectives and targets
| Commitment | Objectives | Description/ Target | Benefits | Status | Timetable |
|
Maintenance of the Corporate Governance system and risk management (including sustainability risk) in line with international best practice |
Structure an Emergency Response & Crisis Management process in Safety & Security |
Implement the project which consists of: • Appointment of the Crisis Management Team (CMT) and deputies • Periodic CMT training • Definition of methods for activating and managing the CMT • Virtual Crisis Management Room • Definition of standards for future physical Control Room
Creation of a single CMT through official appointments, training and equipping a Virtual Crisis Room |
Reduce decision-makers' engagement times in relation to recovery measures. Be resilient, and ensure regulatory compliance and reduction of damage to human resources, company property and reputation |
In 2019, a Crisis Management system (abroad) was activated and, insofar, 15 contingency plans have been drawn up and updated for the most important foreign sites and locations where the Company operates. |
2019 |
|
Implementation of the International Ship and Port Facility Security Code (ISPS Code) |
Implement the project which consists of: • Updating of the security plans for those sites subject to the ISPS Code • Personnel training • Drills • Adoption of the security process methodology even in those sites where compliance with the regulation is not compulsory
100% Italian sites |
Ensure: • Regulatory compliance • Resilience to criminal and/or terrorist threats • A high level of expertise of personnel with security tasks • Awareness of personnel who access the sites |
In 2021, the implementation of the International Ship and Port Facility Security (ISPS) Code was concluded. The concerned methodology was also adopted by those plants for which the legislation is not mandatory. Moreover, training of Fincantieri employees continued with the provision of an interactive and customized e-learning course aimed at familiarizing them with security issues. |
2021 |
AchievedCYBER SECURITY: 2018-2022 SUSTAINABILITY PLAN OBJECTIVES AND TARGETS
| Commitments | Objectives | Description/ Target | Benefits | Status | Timetable |
|
Guarantee the protection of computer systems and data by minimizing the risk of network breaches, corruption of sensitive data or processes and develop the cyber security strategy for products and services
|
Develop a central information technology system and industrial platforms to bolster protection of industrial networks |
Develop a central IT system and industrial platforms to bolster protection in order to: • Expand the perimeter of the technological protection infrastructure in order to counter modern cyber security threats (email security review, anti malware evolution, Sandbox development, upgrade SIEM software development, etc.) • Automate cyber incident detection and management processes • Develop tools, processes and methodologies to support compliance with Regulation (EU) No. 2016/679 (GDPR) and international data protection and security standards (ISO 27001/9001) • Adopt a program to protect the industrial networks supporting ship production (OT / SCADA security)
Fincantieri S.p.A. and Italian subsidiaries (Marine Interiors Cabins, Luxury Interiors Factory, Marine Interiors, Seanergy A Marine Interiors Company, Isotta Fraschini Motori, Cetena, Fincantieri Infrastructure, Seastema) |
• Minimize the risk of data loss • Reduce damage to image • Protect intellectual property • Comply with data protection regulations |
In 2021, all of the projects mentioned in the description/target have been completed with the aim of developing a central information technology system and industrial platforms to bolster protection of industrial networks. |
2021 |
RELATED TOPICS
Sustainability Governance
Our Governance model
Material topics
Our commitments
Sustainability Plan
Sustainability risks
Stakeholders
We support Global Compact
Memberships and participation in associations
Our performance
Reporting
