INTRODUCTION OUR PLANET OUR SUPPLY CHAIN OUR PEOPLE OUR COMMUNITY ABOUT THE REPORT
Data Security
Our work in pursuing data security encompasses all company processes aimed at protecting our valued customers’ data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
We developed our security program using best practices based on industry standard frameworks, including the National Institute of Standards and Technology (NIST) CSF and NIST 800-171; ISO 27001; the Center for Internet Security (CIS) as it relates to procedures, processes, training and awareness and critical technology controls; and SANS CSC. Parts Authority periodically tests the security program’s e�ectiveness by facilitating both internal and external independent assessments.
The technology team has enhanced cybersecurity this year by implementing an Advanced Endpoint Threat Protection System, Intrusion Detection/Protection System, Security Information and Event Management System, Security Operations Center, Threat Intelligence Reporting, Managed Defense, Malware Forensics, Network Forensics, and Advanced Persistent Threat Hunting. The Company intends to continue to provide cybersecurity awareness training to its team members.
COMPANY RECORDS & DOCUMENT RETENTION Records created, received or used during the conduct of Parts Authority’s business are at all times the property of the company wherever those records may be located (including emails sent and received through our email system). At any time, Parts Authority and, in certain circumstances, third parties (including government o�cials), may review these records in accordance with applicable law.
46 Sustainability Report 2023: The Composition of a Responsible Organization
Made with FlippingBook interactive PDF creator