The well-being and safety of people and installations are key factors for the success of EDP Distribuição's business.
We are aware that the information we are entrusted with, including sensitive information, from Customers, Employees and Business, as well as that pertaining to energy distribution, must be managed in such a way as to ensure credibility vis-à-vis our stakeholders. This requires:
- Ensuring the availability, integrity and non-disclosure of information;
- Ensuring the principles of identification, authentication, authorisation, non-repudiation and auditability;
- Implementing efficient risk management on a regular and systematic basis;
- Incorporating information safety as the basic element of organisational culture, enabling employees to act as the first line of defence.
In this respect, EDP Distribuição has developed this Policy, aligned with best market practices, which forms the basis for the Information Security management and organisation system.
Non-disclosure- ensuring that information is not disseminated inappropriately to entities or processes;
Integrity - Ensuring the prevention of unauthorised modification and/or destruction of information;
Availability - Ensuring the accessibility of information wherever and whenever necessary without any undue delay;
Non-repudiation - Ensuring the evidence of events, thereby preventing denial of guilt by the offender;
Legal compliance - Ensuring respect for civil and criminal laws, regulations or contractual obligations and Information Security requirements.
This policy was approved by the Board of Directors of EDP Distribuição-Energia, S.A., on 11 July 2018.