We are a strategic resource for the country, therefore, the protection of all our most valuable assets, whether they are human, know-how, real estate, IT, is of crucial importance to our employees, shareholders, and of course Italy.

 

With this in mind, we are committed to develop, incorporate and disseminate, within the Company, the best practices, standards and guidelines to identify, manage and mitigate our security risks in compliance with human rights, with the belief that effective prevention and protection strategies are an ethical as well as an economic value in management and business activities.

 

From this point of view, we ensure a constant process of incident and risk security management, aimed at guaranteeing the highest level of protection for employees and tangible and intangible assets in order to achieve our social and business development objectives.

With this analysis process and continuous improvement, we enhance the level of overall security, for which we seek a correct and conscious adherence of all employees, considering it an essential factor of success.


From our standpoint, the integrity of the business as well as the ethical and reputational aspects connected to it are a constant guideline. We are aware that the Company’s reputation is a strategic asset, and we value and protect it through a continuous risk-based strategy of preventive identification, analysis and mitigation of risks which also involves our strategic supply chain.
Attentive and vigilant to any possible interference of criminal nature that may, even if only potentially, affect the integrity of our business and of our activity within the market, we have established a strengthened cooperation with the Ministry of the Interior and with the territorially competent Prefectures. To this regard, we have stipulated Legality and Transparency Protocols unified since 2017 in a National Protocol aimed at promoting a widespread culture of legality safeguarding Fincantieri and our stakeholders’ trust.


Also in 2021, we have continued with the strengthening of the tools aimed at safeguarding human resources, material and immaterial assets of the Company and the supply chain, from criminal interferences of various nature, from social and political tensions and from vulnerabilities connected with them which have worsened following the pandemic crisis.
To this end, the Crisis Management system has been strengthened and contingency plans have been drafted both for Italian and for foreign sites. The plans are run by specific crisis committees (CMT) which include, in addition to the figures of the employers, the travelers and the heads of the competent Security departments and the Prevention and Protection Service (RSPP), also the heads of all the functions involved in the process of travel and personnel management.
A Crisis Management software platform is also active, allowing the committees to meet virtually and to manage any potential crisis situation either on the move or when the Company is not active (at night or during non-working days).
Moreover, in 2021 the training of the new components of crisis teams has continued.

WHICH OBJECTIVES DO WE HAVE ON THIS TOPIC?

Governance and business integrity: 2018-2022 Sustainability Plan objectives and targets

Commitment Objectives Description/ Target Benefits Status Timetable

Maintenance of the Corporate Governance system and risk management (including sustainability risk) in line with international best practice

Structure an Emergency Response & Crisis Management process in Safety & Security

Implement the project which consists of:

• Appointment of the Crisis Management Team (CMT) and deputies

• Periodic CMT training

• Definition of methods for activating and managing the CMT

• Virtual Crisis Management Room

• Definition of standards for future physical Control Room

 

Creation of a single CMT through official appointments, training and equipping a Virtual Crisis Room

Reduce decision-makers' engagement times in relation to recovery measures. Be resilient, and ensure regulatory compliance and reduction of damage to human resources, company property and reputation

 Achieved

 

In 2019, a Crisis Management system (abroad) was activated and, insofar, 15 contingency plans have been drawn up and updated for the most important foreign sites and locations where the Company operates.

2019

 

Implementation of the International Ship and Port Facility Security Code (ISPS Code)

Implement the project which consists of:

• Updating of the security plans for those sites subject to the ISPS Code

• Personnel training

• Drills

• Adoption of the security process methodology even in those sites where compliance with the regulation is not compulsory

 

100% Italian sites

Ensure:

• Regulatory compliance

• Resilience to criminal and/or terrorist threats

• A high level of expertise of personnel with security tasks

• Awareness of personnel who access the sites

 Achieved

 

In 2021, the implementation of the International Ship and Port Facility Security (ISPS) Code was concluded. The concerned methodology was also adopted by those plants for which the legislation is not mandatory. Moreover, training of Fincantieri employees continued with the provision of an interactive and customized e-learning course aimed at familiarizing them with security issues.

2021

CYBER SECURITY: 2018-2022 SUSTAINABILITY PLAN OBJECTIVES AND TARGETS

Commitments Objectives Description/ Target Benefits Status Timetable

Guarantee the protection of computer systems and data by minimizing the risk of network breaches, corruption of sensitive data or processes and develop the cyber security strategy for products and services

 

Develop a central information technology system and industrial platforms to bolster protection of industrial networks

Develop a central IT system and industrial platforms to bolster protection in order to:

Expand the perimeter of the technological protection infrastructure in order to counter modern cyber security threats (email security review, anti malware evolution, Sandbox development, upgrade SIEM software development, etc.)

Automate cyber incident detection and management processes

Develop tools, processes and methodologies to support compliance with Regulation (EU) No. 2016/679 (GDPR) and international data protection and security standards (ISO 27001/9001)

Adopt a program to protect the industrial networks supporting ship production (OT / SCADA security)

 

Fincantieri S.p.A. and Italian subsidiaries (Marine Interiors Cabins, Luxury Interiors Factory, Marine Interiors, Seanergy A Marine Interiors Company, Isotta Fraschini Motori, Cetena, Fincantieri Infrastructure, Seastema)

• Minimize the risk of data loss

• Reduce damage to image

• Protect intellectual property

• Comply with data protection regulations

 Achieved

 

In 2021, all of the projects mentioned in the description/target have been completed with the aim of developing a central information technology system and industrial platforms to bolster protection of industrial networks.

2021

RELATED TOPICS

Sustainability Governance

Our Governance model

Materiality Matrix

Our commitments

Sustainability Plan

Sustainability risks

Stakeholders

We support Global Compact

Memberships and participation in associations

Our performance

Reporting

Business Ethics