Governance and Compliance Risk Digi is committed to ensuring our business operates ethically, lawfully and with the integrity for our longterm success. Non-compliance by Digi or business partners may result in reputational damage, financial penalties, or suspension of license to operate. Digi complied with the latest regulatory requirements and ensured sound corporate governance practices in all our processes. We have established a Governance Forum and a Governance, Risk and Compliance (GRC) Committee to strengthen existing governance structure and oversight. Constant evaluation of Digi’s business strategy, new technologies, products and services as well as government policies and regulations to identify and manage emerging risks Dedicated resources for on-going compliance monitoring across our business value chain Ensure integrated governance and holistic business partners and vendor management procedures Implement Certification Accreditation for ISO 37001 Anti-Bribery Management System Our Key Risks Key Risks & Descriptions 2021 Performance & Challenges Mitigation Actions Risk Movement in 2021 Decreased Capitals Data Protection Risk Digi’s customers share huge amount of data through our network which enables them to connect, communicate, and innovate.To remain as a trusted brand, we continue to be vigilant and take proactive initiatives to safeguard personal data of all our stakeholders. Digi continued to implement adequate measures to protect customers’ personal data in view of growing data consumption, heightened awareness on data protection and interventions by regulatory bodies. Digi has embarked on a comprehensive and structured privacy mapping programme to catalogue data inventory and flow.This will provide a holistic view on privacy related risks across Digi’s value chain. Regular scrutiny and data protection impact assessment by dedicated privacy and security teams Establish Privacy Control Framework Strengthen customers’ data protection and practice transparency in the way we collect and use their personal data Capitals Risk Movement in 2021 Unchanged Cyber Security Risk Digi constantly evolves and adopts new technologies to serve our customers better.These rapid evolutions bring about many new and emerging threats, which may expose Digi to malicious cyber attacks by a range of threat actors. Security defense architecture and controls have been strengthened to improve Digi’s security posture in mitigating the threat of external cyber attacks, system abuse, and internal vulnerabilities. Risks remained high due to remote working conditions and vulnerability of systems to potential data theft. Constant focus and prioritisation of investments were critical to ensure sustainable risk mitigation. Constant evaluation of our business strategy, new technologies, and processes to protect against cyber threats Improve detection and threat prevention through deployment of network security and defendable architecture with robust monitoring, awareness reiteration and up-to-date security training Implement identity and privileged access management tool to strengthen access control to critical systems Improve cyber security maturity governance to protect Digi against cyber risks Capitals Risk Movement in 2021 Decreased 35 Integrated Annual Report 2021 Governance Audited Financial Statements Other Information
RkJQdWJsaXNoZXIy ODU0MjU5