Governance

We are fully committed to ensuring the security, confidentiality, and integrity of the information individuals share with us; our approach to data protection and security encompasses:

• Implementing control measures that, as a minimum, meet the requirements of the General Data Protection Regulation (GDPR).
• Ensuring that all personal data is processed lawfully, transparently, and securely.
• Ensuring individual’s rights are respected and protected, employing robust mechanisms to manage data requests, including where appropriate consent.
• Applying appropriate governance on data processing activities across global locations, in line with risk, impact and opportunity.
• Aligning cybersecurity practices with the Centre for Internet Security (CIS) Controls, a globally recognised framework designed to protect against the most prevalent cyber threats.
• Implementing a comprehensive set of controls to prevent unauthorised access, detect potential breaches, and respond swiftly to any security incidents.

• Embedding a culture of awareness for the protection of personal data and company confidential information; 
• Establishing criteria for monitoring our performance in relation to data protection governance, reviewing information and results for adequacy and seeking continual improvement.

NES Fircroft operates a cloud-based Learning Management System to offer staff continual opportunities to learn new skills and refresh their knowledge on business sectors, systems, and personal development or wellbeing.  Our Compliance & Keeping safety learning modules are mandatory for all staff and cover safety, welfare and compliance policies.

Along with country specific modules, our Compliance & Keeping safety frameworks includes training on topics concerning:

• Anti-Bribery & Corruption
• Business Ethics
• Data Protection & Data Security
• Health and Safety
• Equality & Diversity
• Fire Safety
• Integrated Management Systems
• International Sanctions