The CEO and CFO of the Group are regularly informed by the Head of Group IT on cyber security topics (CFO every four months; CEO at least once a year). In addition, the Group’s Head of Global Operations is informed on cyber security topics specifically related to the operational area at the monthly Group IT meeting, as required. The Audit Committee is also informed at least once a year about progress and developments in the area of cyber security. In urgent cases, the required Group level is informed without delay.
The Audit Committee also evaluates the future approach and the need to adapt processes within the Group regarding reporting in the area of cyber security. Furthermore, a pilot project is underway conducted to raise awareness of cyber security issues within the Group, which is expected to be implemented Group-wide in the business year 2023.
A Security Operation Center has also been established within the Group to monitor potential threats to the Group’s digital presence and procedures have been implemented to respond to cyber security incidents within the Group. Furthermore, cyber security is part of the existing risk management process within the Group, which is continuously further developed. There were no significant cyber security incidents within the Group in the reporting year.