1 minute read
Good governance for sustainable growth
Enhancing data protection and cyber security measures
IndiGo safeguards the Company’s data, and that of customers and third-party vendors by maintaining a resilient cyber security infrastructure. A robust cyber security strategy, a multi-layered “defence in depth” approach, and stringent internal controls help safeguard information assets. All our employees are trained on Information Security norms at the time of joining. We expect our third-party suppliers and vendors to align with our cyber security standards as well.
Advertisement
Our senior management reviews our cyber security performance every month, while the Board of Directors provide insight during quarterly meetings. Led by the Director, Digital, our dedicated cyber security team collaborates closely with the business to assess risks and implement preventive measures. We regularly stress test and review our systems to ensure their robustness and responsiveness through breach simulation exercises to identify and address vulnerabilities proactively.
The Chief Digital and Information Officer (CDIO) and Director, Digital, spearhead our data privacy initiatives. Additionally, we have a data breach management policy that is incorporated into our incident management policy.
We utilise a range of technical, administrative, organisational, and physical security measures to safeguard personal information and ensure data privacy; covering the following key elements:
• Monitoring changes in privacy legislation and continuously enhancing related policies to ensure compliance and maintain best practices.
• Our contracts contain suitable covenants related to data confidentiality. Embedding privacy checkpoints throughout all business initiatives, following the Privacy-by-Design philosophy.
• Conducting thorough assessments of internal systems, online portals and vendor partnerships to identify and address potential privacy vulnerabilities.
• Employing encryption methods for information assets, in line with the Federal Information Processing Standards (FIPS), to enhance data protection.
• Implementing resilient and efficient data recovery mechanisms to ensure the availability and integrity of information, in case of any disruptions or incidents.
• Safeguarding sensitive digital content using Digital Rights Management (DRM) techniques to control access and prevent unauthorised use or distribution.
Supply chain management
IndiGo’s supply chain management strategy focuses on cost, and on-time and quality delivery achieved ethically and in compliance with regulations led by five guiding principles:
