Sustainability Report 2021

Sustainability at IMD 12

Whistleblowing Policy The Whistleblowing Policy ensures that any concerns raised regarding any misconduct or improper state of affairs or circumstances in relation to IMD’s business are dealt with effectively, securely, appropriately, and in accordance with the applicable laws. Anti-Bribery Policy The Anti-Bribery Policy encourages the reporting of any instances of suspected unethical, illegal, corrupt, fraudulent, or undesirable conduct involving IMD’s business and provides protections and measures to individuals who make a disclosure in relation to such conduct without fear of victimization or reprisal. Keeping information safe in the digital age IMD achieved ISO 27001 certification in 2021, providing a structured approach to protecting information. The certification manages risks related to the potential theft of data (confidentiality) as well as how information could be wrongfully manipulated (integrity), or even rendered inaccessible (availability). This certification reduces customer audit needs and demonstrates to our clients and stakeholders that IMD takes information security seriously. ISO 27001 requires that IMD’s information security program is documented, communicated across the institution, and reviewed regularly by the Executive Committee. As part of this process, IMD employees became aware of five new policies that every employee must comply with for the protection of information at IMD: Information Security Policy, Access Control Policy, Acceptable Use of Information and IT Systems Policy, and Supplier Policy. Data Security and Privacy

Digital Security at IMD

Security alerts or suspicious activities handled

280+

Employees and affiliates have Multi-Factor Authentication

100%

Security Awareness Trainings delivered

950+

25 MILLION EMAILS RECEIVED

Good

58%

Spam

40%

Phishing

2%