Risk management
At Siegfried, we cultivate a strong risk culture aimed at identifying, controlling and preventing risks in a transparent manner.
Risk management overview
Siegfried has issued a Corporate Risk Management Manual that defines the processes and responsibilities of our risk management both at the corporate level and at the site level. A detailed overview of our approach to identifying and managing these risks is provided in the downloadable document “Risk management overview: Governance, processes and responsibilities”.
Risk management principles
Siegfried’s risk management strategy is based on the principles of transparency, monitoring and prevention.
Monitoring and mitigation
In addition to evaluating risks as part of our day-to-day business operations, we conduct yearly risk analyses that include all sites and global functions and involve all relevant risk owners and stakeholders. Our risk classification is based on five pillars, encompassing short-term as well as mid- and long-term (evolving) risks: strategic, operational, financial, climate and external risks.
Each risk identified and assessed is monitored on a continuous basis and individually managed and mitigated in line with the following approach:
- Avoidance (eliminate, withdraw from or not become involved)
- Reduction (optimize – mitigate)
- Sharing (transfer – outsource or insure)
- Retention (accept and budget)
Data privacy and information security
We continuously improve our cybersecurity and data protection to ensure a comprehensive approach to protecting sensitive data and to protect Siegfried from data loss or data abuse.
Internal and external experts constantly work on improving our systems to meet enhanced security standards and guarantee compliance with legal regulations. Information security is managed in an Information Security Management System (ISMS) framework governed by an ISMS board, with cross-functional knowledge from IT, HR, Legal and Finance & Controlling.
External auditors and strategic customers in the pharmaceutical industry periodically review Siegfried and confirm our compliance with best-practice standards in legal and technical aspects. We prioritize awareness training for all employees, with regular training campaigns highlighting the fundamentals of cyber risk and any current threat patterns Siegfried might be exposed to.