Group operating activities rely increasingly on the proper, uninterrupted functioning of information systems and network infrastructure in support of business processes. Human error, access by unauthorised personnel, vulnerable security systems, and/or system and network infrastructure breakdowns or malfunctions might negatively impact the performance of operating activities, cause the disclosure of critical, confidential corporate information, with consequent repercussions on the Group’s corporate image and/or the risk of statutory and regulatory violations. The Group has finished mapping the principal risks connected with the 10 most important information systems supporting core processes (production, purchasing, sales, and logistics). The risk was analysed on the basis of its impact on the Group if confidentiality were breached and according to the likelihood that the event occur in connection with the vulnerabilities existing in the system. Specific measures for the principal vulnerabilities were implemented for additional reinforcement of safety measures (physical, logic and infrastructure).