Notes to the Financial Statements
Cyber / Information security ClearView manages its cyber security exposure though a combination of approaches. This includes policies, processes, and controls at all layers of the technology environment to prevent and detect malicious attempts to obtain access to confidential and other information assets. An uplift in the control environment relating to cyber security is being managed through a dedicated project – Project Secure. ClearView also has in place a Cyber Insurance Program, that provides cover (at an appropriate level) for losses incurred due to, Damage to Digital Assets, Cyber Extortion, Data Protection Reputation Harm, Third Party Liability and Non- Physical Business Interruption and Extra Expense. Compliance and obligation management ClearView outlines its approach and minimum expectations to meet its legal and compliance obligations in the RMF. The RMF captures processes and activities that ensures controls are in place to meet the associated obligations as well as the attestations and quality assurance testing processes adopted in regard to compliance assurance.
Culture and conduct
A sound risk culture is integral to ClearView’s RMF. The approach to risk culture includes: • the establishment of a common purpose with clear objectives and expectations based on ClearView’s Code of Conduct; • a Risk Culture Framework (RCF) that enables a consistent understanding of a sound risk culture via a series of key attributes; • governance and conduct frameworks are in place to foster an ethical and sound culture through communications, continuous education and online training, a remuneration and consequence framework designed to promote accountability, encourage and reward appropriate behaviours; and • regular reporting and monitoring of risk culture indicators to enable an understanding of where issues may exist and provide an opportunity to address them in a timely manner.
92
ClearView Annual Report 2024
Powered by FlippingBook