The Transparency Act

Netsecurity AS is subject to the Norwegian Transparency Act and complies with the duty of disclosure following due diligence. The content of the report follows guidance from the Norwegian Consumer Authority, the OECD Guidelines for Multinational Enterprises and internal procedures for risks and opportunities.

1. General description of Netsecurity's operations

Netsecurity's website contains a general description of its organization and area of operation. Here, Netsecurity makes it clear that the company is part of the Norwegian National Security Authority's approval scheme for incident management, ISO9001 and ISO27001 certification and creditworthiness. In addition, Netsecurity is Eco-Lighthouse certified. Netsecurity has offices in Norway and Sweden.

2. Netsecurity's management systems, policies and procedures

Central to the above-mentioned management systems is risk and deviation management, both related to quality, information security, health, safety, environment and social responsibility. Netsecurity has procedures for risks and opportunities, as well as its own set of definitions and templates for risk management, and the same applies to deviation management. The procedures for risk and non-conformity management are known to all employees. The company complies with the internal control regulations for HSE. Third-party audits are carried out.

In addition, the company has operationalized procedures for approval, follow-up, evaluation and termination of suppliers.

In its quality policy for the period 2022/2023, Netsecurity describes health, safety and the environment (HSE), ethical trade, human rights, anti-corruption and equal treatment. For the same period, Netsecurity has chosen to publish information on its website relating to corporate social responsibility and an overview of technology partners. The company's handling of non-conformities and incidents in the supply chain is published under both quality policy and corporate social responsibility.

3. Actual negative consequences and significant risks

Netsecurity's operations pose little threat to HSE and sustainability, as the company does not produce goods or services that harm the environment. Through environmental certification, our employees have become aware of their own consumption of goods and services.

As a major player associated with the IT and security sector, Netsecurity will take its social responsibility by being at the forefront and actively contributing to sustainable development through good return schemes, recycling, an inclusive working life, diversity and human rights - throughout the supply chain.

For the period 2022/2023, due diligence has been carried out in the form of risk analysis related to Netsecurity's management systems, quality policy, corporate social responsibility, competence and communication. Follow-up of service and product providers within the scope of the Transparency Act has been manual. No deviations have been identified for 2022/2023.

4. Risk-reducing measures associated with due diligence

The risk assessment associated with due diligence revealed medium risk associated with Netsecurity's operations in the following areas:

1. Competence level related to the Transparency Act
2. Audit needs for own governance documents
3. Supplier agreements, follow-up and dialog
4. Scope of Eco-Lighthouse certification
5. Strategy for HSE work and social responsibility

The following risk-reducing measures have been implemented:

1. Specialist managers have worked together to improve their skills in relation to the requirements of the Transparency Act, due diligence assessments, the content of the report and the reporting deadline in 2023, via the Consumer Authority's guidance, OECD guidelines, webinars and workshops arranged by legal suppliers.
   
   To ensure internal compliance, managers with personnel responsibility will be informed of planned changes in quality policy and publication related to social responsibility to comply with the requirements of the Transparency Act. Via Netsecurity's management declaration, all managers are required to operationalize, maintain and further develop quality management, security and privacy policy, HSE and social responsibility within their own area of responsibility.
   
   Netsecurity is also planning an internal information campaign at all meetings and kickoffs.
   
   
2. The company's quality policy for the period 2022/2023 described HSE, sustainability, social responsibility and human rights in detail. For the next period, the quality policy will be revised so that the HSE policy, human rights policy and ethical guidelines are separated into separate documents.
   
   
3. As part of the annual document audit, the governing documents for supplier approval, follow-up, evaluation and discontinuation will be checked and amended to include the requirements of the Transparency Act. The document audit was postponed until June 2023 due to the ongoing acquisition process. Service and product catalogs and supplier follow-up will be merged. It is appropriate to have a comprehensive and automated supplier evaluation and annual reporting, in addition to the ongoing supplier dialogue.
   
   
4. The Eco-Lighthouse certification currently held by Netsecurity and Data Equipment does not cover the scope of the Transparency Act.
   
   
5. As part of risk management for the merger process, an expanded scope of Eco-Lighthouse certification is being considered, as well as quantification of goals and strategy for the area of corporate social responsibility and sustainability.

5. Duty to communicate - part of the requirements of the Transparency Act

The due diligence assessments are presented to Netsecurity and Data Equipment's management team, together with guidelines from the companies' owners and risk-reducing measures.

For the period 2022/2023, Netsecurity and Data Equipment have carried out a coordinated response to customer inquiries related to the requirements of the Transparency Act in order to gather internal learning.

A binding text on the publication of a report in accordance with the requirements of the Transparency Act was included in the Board's annual report. The report is published on Netsecurity's website below: About us/Corporate responsibility

Read also Å Energi - Human rights and working conditions (in Norwegian)