Together with our Guidebook for Success, internal policies and guidelines govern our activities. They provide our company with clear guidelines on how to tackle our everyday work in a manner that is consistent with our values. In particular, PMI’s global policy on data privacy sets a standard for privacy governance and accountability.
PMI’s Global Privacy Program (GPP) sets standards for data privacy and security across markets and functions. It governs the collection, processing, and sharing of personal data by PMI affiliates. Our privacy team regularly reports to PMI’s Corporate Risk Governance Committee on the business’ adherence to the GPP.
We use information systems to help manage business processes, and collect and interpret data. We also use these to communicate internally and externally with employees, suppliers, consumers, and customers. Specialist third-party service providers manage some of our information systems and we work with internal specialists to protect systems and data from unauthorized access.
Employees and contractors play a fundamental role in protecting data. By being aware of potential threats and reacting to them appropriately, our community can help keep PMI secure. In 2021, we provided our workforce with renewed training to assist everyone with identifying and reacting to key cyber threats such as phishing and social engineering attempts. We complement our training with regular simulated phishing campaigns addressed to our entire workforce to help everyone to practice recognizing and reporting phishing attempts and to identify any weaknesses in advance of any real attempts that the business might face.
We also maintain a popular hub of resources on information security awareness, which is accessible to all employees and contractors. These resources not only focus on good security practices to protect user accounts and data from cyber risk, but also help our team remain vigilant to the indirect risks that can arise from activities like online shopping or connecting to wireless networks. To support our employees working remotely, we have adapted our network and systems and have released guidance to help remote workers to secure internet connections and manage paper documents outside our offices.
PMI has a sophisticated and integrated program to manage cyber risks, to protect PMI’s data, and to safeguard the privacy of consumers and customers.
This online content about our Integrated Report should be read in conjunction with PMI’s 2021 Integrated Report. The information and data presented here cover the 2021 calendar year or reflect status at December 31, 2021, worldwide, unless otherwise indicated. Where not specified, data come from PMI estimates. Please also refer to 'This report at a glance' on page 5 of the 2021 Integrated Report for more information. Aspirational targets and goals do not constitute financial projections, and achievement of future results is subject to risks, uncertainties and inaccurate assumptions, as outlined in our forward-looking and cautionary statements on page 252. In the 2021 Integrated Report and in related communications, the terms “materiality,” “material,” and similar terms, when used in the context of economic, environmental, and social topics, are defined in the referenced sustainability standards and are not meant to correspond to the concept of materiality under the U.S. securities laws and/or disclosures required by the U.S. Securities and Exchange Commission.