We are a people-driven organization committed to health and wellness, reinforcing safety and well- being especially during the pandemic.
DMPI is committed to the highest standards of corporate governance and supports the principles advocated by the Philippine Stock Exchange and the Securities and Exchange Commission.
DMPI has a strong corporate governance structure that ensures that Management is accountable to the shareholders and stakeholders and operates in an ethical and responsible manner. The Company’s Board of Directors directs the long-term strategy of the Company, evaluates the performance of Management, reviews material issues, and provides guidance on matters relating to governance.
Preferred share listing in the PSE led by Director Edgardo M. Cruz Jr. and COO Luis F Alejandro
Del Monte Philippines Inc. (DMPI) is committed to the highest standards of corporate governance as it supports the principles of openness, integrity, and accountability advocated by the Philippine Stock Exchange, Inc. (PSE) and the Securities and Exchange Commission of the Philippines (SEC).
1. Anti-corruption training is provided to management and certain personnel that may potentially interact with government officials, including personnel from Legal, Accounting, HR, Procurement, Internal Audit, Operations and Accounting in foreign subsidiaries. The training is provided to this group biennially and training is tracked and followed up by HR to ensure its completion.2. Del Monte Philippines, Inc. (DMPI) has a manual on Corporate Governance that embodies the Company’s governance framework. The Company’s Board has approved DMPI’s related party transactions and interested party transactions policies.
3. The Company has a Code of Business Ethics which directors, management, and all employees adhere to. All employees are required to disclose related party transactions and conflicts of interest.
4. DMPI has a stringent policy against fraud and corruption. The Code of Business Ethics is supplemented by the Employee Code of Conduct and Supplier Code of Conduct to guide employees and suppliers in making decisions every day.
5. Training on the Code of Business Ethics, Employee Code of Conduct and Supplier Code of Conduct is part of the onboarding of new employees which includes related party transactions, conflict of interest, anti-corruption and fraud.
6. The Company’s whistleblower hotline is accessible to employees, suppliers, customers and other third parties, translated in different dialects.
7. DMPI updates its Business Continuity Plan (BCP) annually to prevent threats and disruptions. The pandemic did not create a substantial disruption to the Company since its BCP was in full gear.
In this Information Age where data is considered the new currency, data protection, privacy, and cybersecurity have never been more important. As data processing evolves and companies increase their reliance on big data, the risks of data breaches and potential misuse of personal and sensitive information have become more apparent and, in many cases, have given rise to new laws and regulations worldwide.
In response to this challenge, the Company has strengthened its commitment to protecting the personal data of its various stakeholders, including its employees, shareholders, customers, contractors, business partners, and suppliers. The Company has adopted a Data Privacy Manual which codifies the Company’s commitment to ensuring the free flow of information to promote innovation and growth, and for the proper management of its businesses, while at the same time ensuring that the subject’s fundamental right to privacy is respected.
With evolving privacy laws and regulations, the Company needs to more carefully navigate the changing legal environment while remaining steadfast in its commitment to data privacy. The same applies to cybersecurity laws and regulations which have also become increasingly more complex. Companies can be subjected to fines, injunctions, government audits, and, in more serious cases, criminal liability.
1. To ensure data protection in an unsecured environment, more features have been added to our endpoint protection, such as the Endpoint Detection and Response. The cybersecurity program is also being aligned with ISO27001:2013.
2. In the Philippines, Del Monte implemented sets of guidelines and procedures based on its Information Security Manual that adopted the standards of Information Security Management System (ISMS) and principles of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
3. DMPI security includes firewalls, web filtering/anti-virus/anti-malware protection, advanced persistent threat protection, ransomware protection, data encryption, a strong password policy, and OKTA multi-factor authentication.
4. User setup/deactivation and access rights follow required approvals from both Operations and IT. The networks for DMPI are also physically and logically segmented.
5. DMPI updated and replaced outdated end-of-life/end-of-support network switches and devices to ensure that security configurations and patches are current.
6. Del Monte in the Philippines is using CISCO Identity Services Engine (ISE) to automate the management of security and network access policies for endpoint devices.
CISCO ISE provides full visibility into everything connected to the network in real-time. Coupled with the Cisco AnyConnect Secure Mobility Client, CISCO ISE scans devices trying to connect to the network for security-related compliance requirements including operating system, security settings, anti-virus, anti-malware, etc. Non-compliant devices are prevented from accessing the network even if proper user IDs and passwords are provided.
CISCO ISE permits access only to a pre-defined segment of the network. The guests’ devices are confined within a separate visitors segment of the network.
7. Endpoints are protected by Sophos Advanced Endpoint Security solution with detection and response capabilities. These solutions are superior to strengthen data protection.
8. Internal Audit (IA) conducted a control self-assessment of DMPI’s back-up policy and procedures of individual user files excluding server files. IA’s review involves conducting surveys on regular employees and third party partners to determine appropriateness of its back-up policy and procedures.