Since the outbreak of the pandemic, survivability has been a foremost consideration among most businesses. It has added to ongoing sustainability-related risks such as extreme weather events, cyberattacks as well as data breaches. In addition to our Risk Department monitoring and managing these risks, since COVID-19, we have activated our Pandemic Emergency Management Plan while also setting up stringent COVID-19 Safety Procedures.

In addition, we have begun to build a robust Business Continuity Management (BCM) framework to ensure the ability to maintain essential business functions in the event of any unexpected crisis. Work on the BCM framework began at selected business units since 2020.

To manage our supply chain risks, several of our business units have been working together with their suppliers and business partners to implement supply chain continuity guidelines. We have also initiated efforts to improve Group-wide sourcing practices, focused on mitigating future disruptions while enhancing effectiveness and efficiency. These efforts leverage Artificial Intelligence (AI) and other emerging technologies to create greater visibility of our supply network and the ability to cultivate an agile supply chain.

As we continue to digitalise our operations, we recognise the need to protect our systems and Information Technology (IT) platforms against cyberattacks. Towards this end, we have implemented a Group-wide IT Policy as well as a Group-wide Cybersecurity Management Policy.

In 2021, we also engaged a third party to conduct a Group-wide cyber risk assessment to determine our level of exposure to cybercrime as well as the liabilities we face from our IT vulnerabilities. The assessment allowed us to evaluate the strength and vulnerabilities of Boustead’s IT asset management programme and to outline corrective actions to improve our security pasture from a technical, financial and compliance standpoint.

To be prepared for any possible crisis, we also established a Group-wide Cybersecurity Emergency Response Team (CERT) to provide a structured framework for the detection, response and recovery from any serious cyberattack.

Meanwhile, to further strengthen our IT capabilities, we are developing and mobilising IT talent to ensure continuity across all businesses.