01 Our sustainability approach 02 Sustainable investing 03 Active stewardship 04 Corporate sustainability 05 Appendix 04.3 Ensuring responsible business conduct Principles 3 5 Business risk is defined as the risk of 04.3.5 Fostering security and world. At the same time, our digital assets changes to government requirements not being able to reach the financial business resilience are evolving and expanding, and we are around the world. This coordination objectives in a given competitive market Data privacy and cybersecurity implementing new technologies to meet ensured that employees could move or regulatory environment. To monitor The Global Data Privacy function is growing business demand. efficiently and safely between remote business risks, the Risk Management part of Legal and Compliance and working and office locations to support function uses key risk indicators that cover includes regional Data Privacy Officers To manage cyber risks, we select best the firm and its clients. business and investment performance of and a Global Data Privacy Officer. practices from leading cybersecurity the management company, among others. The function informs, advises, and makes frameworks such as the International Our business resilience framework is a Ad-hoc and regular meetings are held recommendations on compliance with Organization for Standardization (ISO) or multi-tiered risk defence model supported between the Risk Management function applicable data privacy laws and the National Institute of Standards and by input from steering groups, a corporate and stakeholders in other functions to regulations, the Allianz Privacy Standard Technology (NIST). These frameworks set resilience organisation and every function discuss the current business situation and (APS) and other internal and legal standards for processes, controls, security within the firm. The programme is subject forward-looking developments. standards as well as guidelines. It works testing and reporting. to oversight by Allianz Asset Management closely with the respective Information (AAM). Annual self-assessments are Reputational risks are defined as risks Security Officers to ensure that adequate Since there can never be 100% protection submitted to AAM in accordance with of activities undertaken within the firm or data protection-related technical and against cyberattacks, we also implement group requirements, and the programme by employees outside the firm that may organisational measures are taken. controls and training to ensure effective is subject to regular audit reviews. result in unintended material negative recovery from a successful attack to impacts on stakeholder perceptions Strong cybersecurity is essential reduce the potential impact and duration The Business Resilience team is that could potentially impact AllianzGI’s for protecting systems, data and of business disruptions. responsible for managing the programme ability to do business. These stakeholders communications from intended and and ensuring that all business functions include clients, investors, the media, unintended misuse. Our cybersecurity Business resilience comply with the framework and policies. the public, regulators, and employees of programme is fundamental to the Business resilience incorporates business Business recovery plans are established AllianzGI and/or Allianz Group companies. sustainability of our business. We focus on continuity and disaster recovery and is an for each major function. This ensures key Prudent management of reputational designing, operating and monitoring an integral part of our service commitment business processes can be resumed in the risk is deemed essential in the overall appropriate level of preventive, detective to our clients. The importance of business event of a severe business interruption. risk framework. and responsive security controls. This is a resilience was evident during the Covid-19 Plans cover the most important risk priority as increasingly sophisticated attack pandemic when our Business Resilience scenarios for the loss of employees, methods affect organisations around the team constantly monitored the frequent facilities, technology, and third- party support. Allianz Global Investors Sustainability and Stewardship Report 2022 112