Information Security Policy

Objectives

To protect our information assets from any internal, external, deliberate or accidental threats. Kerry Logistics Network’s Information Security Management System (“ISMS”) is integral to our operation. We strive to assure the integrity of all information we disseminate, produce, manage or store, which is duly handled through sound confidentiality procedures.

Measures

We adhere to this policy and reach our goals by:

• ensuring that all information, including internal, third party, personal and electronic data, is treated with complete confidentiality;
• maintaining integrity of all such information;
• ensuring that our information system and the information contained meet the needs of our core and supporting business operations;
• complying with all applicable statutory and regulatory requirements;
• safeguarding security of our information assets through effective business continuity management;
• making information available to staff and the public with minimal disruption;
• increasing staff awareness of information security management through education and training;
• performing reliable access control to protect our information system against unauthorised access.

Under this policy:

• All breaches of information security, actual or suspected, will be reported to and investigated by authorised persons including System Administrator and Incident Investigator;
• Information Security Management Committee is responsible for documenting and maintaining the ISMS;
• Information Security documents not limited to Policies, Procedures and Guidelines will be made available in both hardcopy and online format through an intranet system to support the ISMS Policy;
• All managers shall implement the policy within their units and ensure that every staff member adheres to the policy.