For Solvay, information and information service-related risks refer to the inability to ensure continuity of services or provide information services adapted to the business needs.
Prevention and mitigation
- The Group uses a dedicated data network and regional internet gateways that are managed by a trusted service provider. The critical data and applications are hosted in a data center operating in accordance with professional good practices, ensuring recovery capabilities in the event of an incident.
- In 2016, disaster recovery and crisis management tests were carried out for the data center as well as the main service centers and regional offices of Solvay’s Business Services (SBS), involving various crisis scenarios.
- IT general controls are applied to critical information systems and are audited for compliance both internally and externally. Solvay has developed an annual IT audit program to ensure compliance with information systems security policies.