Working responsibly


We have a duty of care to our people and our assets, and place high importance on protecting our investments, reputation and data. We need to remain vigilant to emerging threats and offer support, advice and training as necessary.

Keeping our people safe

We look to continually improve the support, training and advice we give to our people, subscribing to specialist tools to evaluate threats to personnel and assets across our locations and acting on intelligence from embassies, civil authorities and contractors.

Through our Journey Management System, employees can access plans and traveller guides before they travel and while they are away. In higher-risk locations, we have Security Management Plans in place and, where necessary, ground security teams to provide safe transit to hotels, airports and meetings.

We maintain support mechanisms for personnel working in or travelling to locations that experience general and specific security challenges, across the range of our activities and in relation to our footprint in each country. These include potential threats from natural seismic events and extreme environments. During new business assessments, we consider security issues as part of the initial investment process and new country entry procedure.

Security of assets

We regularly review the specific risks associated with issues such as offshore piracy. We maintain our own guidance to protecting our assets, but we also integrate them with our major service companies, sharing intelligence and response support where necessary.

Cyber security

With the increasing convergence between physical and cyber security management, we continue to communicate threats, strategies and improvement plans to maintain an holistic and collaborative approach throughout the Group.

We continue to safeguard our IT infrastructure and review arrangements to protect it from cyber security breaches and malware incidents. We also participate in industry bodies including the International Oil and Gas Producers (IOGP) Security Committee and take guidance from the Information Commissioner’s Office and the GCHQ-run National Cyber Security Centre. This increases our awareness of potential threats and helps us keep up with the measures needed to prevent breaches and data loss.