CIPP Payroll: need to know 2019-20

Cyber security is becoming an increasingly regular topic for pension schemes. The introduction of the General Data Protection Regulation (GDPR) reaffirms the need for pension schemes and trustees to have an active cyber security review. This is supported by the Pensions Regulator’s (TPR) statement that pension scheme trustees need to take active steps to protect members and assets against cyber risk. These reviews should be completed on a proportionate basis and a number of key areas require careful consideration.

The guidance from PASA provides practical support for trustees in formulating a robust and effective review of how they safeguard their scheme from cyber security issues. It covers five main sections:

Risk Assessment

Governance

Risk Management

Controls

Incident Management

The National Cyber Security Centre also provides information such as the ‘10 steps to cyber security’ to help organisations protect themselves.

Chris Connolly, Chair of PASA’s eAdmin Working Group said:

“The lead up to the General Data Protection Regulations, introduced in 2018, saw cyber risk taking a steep hike up the trustee agenda. New technology and innovations present opportunity for increased efficiency, but also mean the potential security risks are growing in volume and sophistication. It’s important for trustees to have a clear view of these potential danger areas and actively reassess them over time. Our guidance has been designed as a practical means to help identify where all risks and responsibilities lie, enabling schemes to put together a robust and effective plan of action to be taken should the worst unfortunately happen.”

The guide can be found here and is accessible to all.


PLSA invites FTSE 100 companies to discuss raising workplace reporting standards

13 June 2019

The Pensions and Lifetime Savings Association (PLSA) has invited UK business leaders to meet with pension schemes to discuss their reporting of employment models and working practices.

In a letter to FTSE 100 Chairmen, PLSA chief executive Julian Mund said pension schemes, responsible for £2.2 trillion of UK savers’ money, believe a company’s workforce is critical to its long-term success. Understanding how a company treats its workforce is therefore crucial to pension funds’ decisions about which companies they invest in.

How UK companies treat, motivate and engage their workforces has been the subject of intense government and public scrutiny in recent years – and investors also believe a company’s workforce is critical to its long-term success.

Corporate employment models and working practices on issues such as workforce diversity, pay practices and mental health issues matter substantially to investors and, the PLSA believes, should figure prominently in companies’ annual reports. Failure to report this information also has the potential to negatively affect a company’s reputation.

The letter to Chairmen follows a PLSA report published in April, ‘Hidden Talent 2: Has workforce reporting by the FTSE 100 improved?’, which found many companies fail to disclose workforce issues such as staff turnover, gender and ethnicity pay gaps, level of employee share ownership and supply chain ethics beyond the minimum statutory requirements. With new disclosure regulations on the horizon, including new rules to require trust-based pension schemes to formally develop an ESG policy and the updated UK Corporate Governance Code, the PLSA hopes that engaging with the UK’s largest listed companies will encourage them to improve their reporting practices.

The Chartered Institute of Payroll Professionals


cipp.org.uk
