Our success is founded on collaborative, ethical and sustainable leadership. DKSH’s Board of Directors and the Executive Committee are responsible for defining the business strategy and assuring its execution, including sustainability. They are committed to upholding strong governance standards representing the interests of DKSH and its stakeholders. A sustainability team, led by Group Governance Risk & Compliance and Group Investor Relations, is supporting management in addressing material sustainability topics.
Our values and beliefs are enshrined in our Code of Conduct, adopted by our Board of Directors and made available to all our employees in English and local languages. Employees need to formally adopt the Code upon joining and receive periodic training to ensure that the Code is followed. We place great emphasis on hiring and retaining people who share our values and who, through their integrity, protect our business as well as that of our clients and customers.
We operate as an intermediary between our clients and customers. For parts of our service delivery, we also rely on third parties. DKSH does not maintain relationships with third parties that do not act in line with our principles and standards of doing business. To further emphasize this, we introduced our Supplier Code of Conduct, which sets out clear expectations on issues such as labor rights and anti-corruption.
Successful ISO 27001:2013 certification for IT security management
“Our clients and other stakeholders want to feel confident that we are handling their data responsibly and are addressing cybersecurity risks. Our global information security management system underpins our approach to safeguarding our data. In 2017, Group IT Security embarked on a journey to get our systems certified to the ISO 27001:2013 standard. Beginning with our SAP Infrastructure, we consulted an external auditor who provided professional guidance and readiness before accredited certification body TUV Nord performed the certification audit. The DKSH Corporate Shared Services Center (CSSC) SAP Infrastructure was certified to 27001:2013 in 2018.
Going through this process has made us more aware of how we handle data, and how we can safeguard business information. It also helps us demonstrate to our business partners that we meet their requirements.
We will conduct quarterly internal reviews to maintain the SAP infrastructure system in collaboration with the Quality Assurance team. We are also planning to achieve certification for the remainder of the CSSC IT systems.”
Siva Vijayandran, Senior Manager Group IT Security, CSSC Malaysia