69 About Strategy and Governance Our People Our Business Our Outcome AppendixOur IT Incident Management ProcedureA dedicated global Information Security team is available via a 24/7 hotline to respond to urgent security matters or IT incidents, such as breaches of confidential information. We also work with a third-party vendor to perform aroundthe-clock security monitoring. This vendor will first review security alerts raised as a result of this monitoring process. Confirmed incidents are forwarded to DKSH%u2019s Security Operation Center (SOC) team for further action. The SOC team has a set of defined incident response playbooks to deal with various types of security incidents. Severe incidents will be dealt with by our major incident response team until they are sufficiently resolved. Training and Awareness-RaisingWe train our staff on various topics relating to information security. In 2023, about 17,400 employees out of about 18,000 for whom the training is intended completed the security awareness online program. This means 96 % of the target group completed the training (2022: 96 %). DKSH%u2019s main digital and IT hub is located in Malaysia. Each market has its own local IT team responsible for in-country technology needs and support. We provide regular Group-wide cybersecurity awareness training to all employees with access to computer devices via the DKSH learning platform. In addition, digital and IT newsletters and ad hoc digital and IT newsflashes help maintain awareness of sensitive topics across all markets.CertificationsOur Corporate Shared Services Center%u2019s SAP information system infrastructure has been ISO 27001:2013-certified since 2018. Since gaining this certification, we have conducted several surveillance audits to ensure process adherence. We passed our latest ISO 27001:2013 surveillance audit in September 2023. Our quality assurance team ensures that the required standards are met on an ongoing basis.Our digital and IT systems undergo regular independent audits by external stakeholders and the Group%u2019s Internal Audit team. Additionally, the Group IT Security team reviews IT infrastructure on a regular basis. Our business continuity and contingency plans and incident response procedures are tested twice yearly.%u2023 GRI 2-27, GRI 418-1