Page 44 - Ipsos
P. 44

Information Classification: Internal Use
                                                                      Ipsos Book of Policies & Procedures


                         2.2    Core Principles


                   1) Corporate Documents and Strictly Confidential Information shall be retained for an appropriate
                   period (Retention Period) only, as required by law or business practice

                   2) Corporate Documents and Strictly Confidential Information shall be retained on an appropriate
                   medium as specified in this policy

                   3) Corporate Documents and Strictly Confidential Information shall be routinely destroyed at the
                   end of the Retention Period, in accordance with the Destruction Policy

                   4) Corporate Documents and Strictly Confidential Information shall be retained in a secure
                   environment, as specified in Section 5.1 - Access, Storage and Control of Strictly Confidential
                   Information

                   5) Clients Information and Research Data shall be retained according to ESOMAR code,
                   applicable local and international laws and agreements signed with clients.

                   6) The integrity of Documents and particularly of electronic Documents shall be a primary
                   concern. The Company will implement appropriate technological solutions which are designed to
                   safe-guard such integrity, by reference to metadata, capturing and retention at source (outside of
                   end-users’ control) access logs and audit trails etc., and the Information Manager shall ensure
                   that relevant business standards and codes of best practice are adhered to in this regard.

                   7) An Information Manager is appointed with responsibility for the implementation and daily
                   management of this policy, reporting directly to the Global CIO.

                   8) Legal Holds: No Documents or Files shall be destroyed, notwithstanding that their Retention
                   Period has expired and that they are due for disposal, if it transpires that they may be required for
                   regulatory or legal reasons, in which case they shall be further retained for as long as this
                   requirement applies. It will be a duty of any Employee to inform one of the following as soon as
                   he/she becomes aware of the likelihood of regulatory or legal reasons warranting a legal hold:

                   - Group Legal
                   - Group Internal Audit

                   - Global Information Security


                         2.3    Scope
                   The following Assets are covered by this policy:

                       1.  Information
                       2.  Environments used for storing information


                   Definitions and Abbreviations may be found in Appendix 1.







                                                   Page 4 of 22
   39   40   41   42   43   44   45   46   47   48   49