Investor Presentaiton slide image

Investor Presentaiton

SPIC BRASIL About SPIC Brasil Our energy comes from multiple sources Vision-driven progress Safety is the foundation of care GRI Summary 29 Cybersecurity In 2022, we incorporated cyber security into our IT division. This change decisively contributed to the discussions and implementations carried out by the Data Privacy Committee. Various procedures and policies that inform the work of this department and our company were reviewed, many of which focused on the Brazilian General Data Protection Act (LGPD) and information security. We also address vulnerabilities, ensuring a higher degree of security for our operations. This required the putting into practice of several simulation and invasion tests, which help us shield our applications. We reviewed information āœ“ security procedures and policies and addressed vulnerabilities to improve our operations. To achieve cybersecurity effectiveness, we understand that raising the awareness of our workers is crucial. That's why in 2022 we began producing and disseminating internal training content and trails related to the topic, and we intend to step this up a level over the course of 2023. DATA PRIVACY COMMITTEE In 2022 the LGPD Act remained unchanged. However, SPIC Brasil's Data Privacy Committee shall continuously monitor the law with the National Data Protection Authority, which submits an agenda of topics for regulation every two years. The Committee meets periodically to report on SPIC Group's Privacy Program and to update relevant market practices and monitor the sector agenda in Brazil. In 2022, we enlisted a consultancy firm to assess the program's maturity and we began making the suggested recommendations, based on an improvement plan for 2023. The project will be overseen by the company's Internal Audit.
View entire presentation