Working responsibly

Security

We have a duty of care to our people and our assets, and place high importance on protecting our investments, reputation and data. We need to remain vigilant to emerging threats, and offer support, advice and training as necessary.

Keeping our people safe

We look to continually improve the support, training and advice we give to our people, subscribing to specialist tools to evaluate threats to personnel and assets across our locations, and acting on intelligence from embassies, civil authorities and contractors.

Through our Journey Management System, employees can access plans and traveller guides before they travel and while they are away. In higher-risk locations, we have Security Management Plans in place and, where necessary, ground security teams to provide safe transit to hotels, airports and meetings.

We maintain support mechanisms for personnel working in or travelling to locations that experience general and specific security challenges, across the range of our activities and in relation to our footprint in each country. These include potential threats from natural seismic events and extreme environments. During new business assessments, we consider security issues as part of the initial investment process and new country entry procedure.

In response to COVID-19, we implemented travel policies that limited or cancelled all unnecessary travel and enabled staff to work from home.

Security of assets

We regularly review the specific risks associated with issues such as offshore piracy. We maintain our own guidance to protecting our assets, but we also integrate them with our major service companies, sharing intelligence and response support where necessary.

Cyber security

With the increasing convergence between physical and cyber security management, we continue to communicate threats, strategies and improvement plans to maintain a holistic and collaborative approach throughout the Group.

We regularly review our arrangements to ensure we protect our IT infrastructure from deliberately malicious software. We communicate threats, strategies and improvement plans to maintain a holistic and collaborative approach throughout the Group, and have a dedicated cyber security manager and a 24/7 service partner that continually manage current threats and risks.

To stay on top of security trends, we take guidance from several industry bodies, including the International Oil and Gas Producers (IOGP) Security Committee; the Information Commissioner’s Office; the National Cyber Security Centre; and the National Institute of Standards and Technology.