Group Security Policy

Transcription

1 Our commitment to good business Focusing on health, safety and security 6 Version 1 July 2014

2 Our Business Principles 1 Demonstrating integrity in corporate conduct 2 Ensuring openness and transparency 3 Respecting human rights 4 Enhancing customer experiences and business partnerships 5 Valuing our people 6 Focusing on health, safety and security 7 Protecting the environment 8 Investing in communities Our commitment to good business Your commitment Introduction Responsibilities Actions / 10

3 Our commitment to good business Business Principles and Group Policies Our purpose is helping people today and securing energy for tomorrow. Our Business Principles and Group Policies are the foundation for how we operate to achieve this purpose. More than a tick box for compliance, how we conduct business defines us in the eyes of our people, our customers and our wider stakeholders. We are committed to ethical and responsible practice, as one business, with one set of Business Principles and Group Policies. Together, our eight Business Principles, which set out the operating standards we expect, and our Group Policies, which support these Business Principles, are our commitment to good business. The standards our people expect of themselves and one another are very high, and reflect the nature of our business, and our place within it. Our Business Principles and Group Policies are here to help us make the right decisions and provide guidance when needed. Your commitment We remain a principled business as a direct result of every single employee conducting themselves with integrity. Every decision you make impacts those around you. You also need to know that you can rely on responsible and ethical decisions made by others. You, along with everyone else involved in Centrica s business and operations, have a personal responsibility to adhere to these principles and policies and to conduct business legally, responsibly and ethically. You must be confident about those decisions. Adhering to these principles and policies will give you that confidence. Your commitment regarding this policy You are responsible for upholding our Business Principle of Focusing on health, safety and security. We are committed to promoting the security of our employees, customers, and others who might be affected by our activities and assets. As an employee or a contractor you are also responsible for these areas and have a duty to report security incidents and concerns. 03 / 10

4 04 / 10

5 Introduction We support our Business Principle by putting processes in place that identify security threats and risks, using effective control and mitigation measures and safeguarding our employees, contractors, assets and information. We also support the principle by following best practice and national and international laws. Scope Our applies to everyone, whether you are a full-time, part-time, contract or temporary employee, and extends to all our majority-owned business dealings and transactions in which we or our subsidiaries and associates operate. Where we have a minority interest, you need to encourage business partners, including contractors, suppliers and joint venture partners, to apply this policy. It should be applied together with the policy documents and guidance on page 7. Purpose This policy outlines what you can expect from us in terms of the security of our company, employees, contractors and other stakeholders, and its assets. It shows the actions we will take to identify and mitigate security incidents and also explains your responsibilities and what is expected of you. 05 / 10

6 Policy We are committed to: assessing, understanding and managing security risks enabling the creation of a positive security culture that supports the business empowering and engaging employees through security awareness and training investigating security incidents appropriately and promptly, and taking necessary actions to avoid them happening again reporting security incidents and concerns working with suppliers and business partners to achieve our security strategy promoting your protection as employees, as well as our assets, information and operations, and striving for continuous improvement ethically conducting security by adhering to national and international laws and regulations while respecting human rights. 06 / 10

7 To fulfil these commitments, we will comply with the Group HSES Security Standard which in turn has four parts, namely: Asset Security provides directions on the use of CCTV, access control, technical surveillance counter measures, unauthorised visitors at Centrica locations, bomb incidents, threats and guarding. Physical Information Security covers the disposal of sensitive information and clear desks. Security Assurance includes information on Security Risk Registers, security risk identification and management, reporting security incidents and concerns and compiling a security strategy. Also, part of this framework includes the Group Crisis Management Standard which provides direction on incident and crisis management. Personal Security includes travel security, training and awareness, workplace violence prevention, security inductions, use of chauffeurs and event security. For further information visit: This policy is a key part of Centrica s strategy and is underpinned by a framework of security standards, guidelines, processes and procedures, which is available here. 07 / 10

8 Responsibilities Everyone Security is your responsibility. You need to heed this policy and understand our commitment to focusing on security, taking it into account when making decisions. Group Chief Executive The Group Chief Executive is responsible for implementing this policy, which is done within the wider framework of managing HSES and will be reported regularly to the Centrica Board of Directors. Managing directors Managing directors of business units and corporate directors are responsible for ensuring that the business areas under their control implement and maintain security arrangements appropriately, in compliance with all relevant security legislation and regulations. 08 / 10

9 Actions what happens next If you have concerns about any security issue, please report this to Any immediate incidents can be dealt with 24/7 using the Group Operations Centre (GOC) on or +44 (0) from abroad. Other concerns can be raised through the confidential Speak Up helpline on or through Training and communications You will learn about this policy through our internal communications channels and relevant guidance across the Group. You should also tell suppliers, contractors, business partners and others we engage with about it. Monitoring and review The Centrica Executive Committee will review how this policy is used, especially its suitability, adequacy and effectiveness, and improve it where appropriate. It will report the results periodically to the Group Audit Committee, which will assess its adequacy independently and disclose any material non-compliance in the Annual Report to shareholders. Internal controls and audit Centrica will establish ways to gather information to maintain accurate records regarding this security policy. Regular audits of internal control systems will provide assurances that the security policy, its standards and associated framework are effective in promoting the safety and security of our employees, contractors and assets. Related policies and documents Building a Better Business: A Guide to Sound Business Practice Group Acceptable Use Policy Group Health and Safety Policy Group Human Rights Policy Group Information Security Policy Managing Integrity Risk: Group Financial Crime Policy Dawn Raid Support Pack 09 / 10

10 Version 1 July 2014 Stuart Seymour Stuart.Seymour@centrica.com +44 (0) / 10