Digital & SIP Training Security Training Module.pptx
Security Training and Threat Awareness
• Minimum Security Criteria
• Internal Conspiracies
• Container Inspections
• Threats
• Code of Conduct
• Incident Reporting
Security & Confidentiality Training
● All employees, including contractors, shall sign a
confidentiality agreement as new employees and
annually thereafter.
● Security training shall be imparted to all
employees as part of induction and annual
refresher
● Data privacy & security, confidentiality, intellectual
property security measures, information protection
measures, breaches of confidentiality, and
personal responsibility shall be covered in the
training
● Suspicious Security Activities Reporting shall be
encouraged as part of the training session scope.
Confidentiality Agreement
● All staff shall sign a nondisclosure, confidentiality
agreement or oath as new employees and annually
thereafter.
● The confidentiality agreement shall state that the
employee agrees not to disclose any company
sensitive information to any unauthorized persons.
● The agreement shall be maintained in the
employee’s personnel file.
Physical Security
• Fencing
• Gates and Gate Houses
• Parking
• Building Structures
• Locking Devices
• Lighting
• Alarms & Video Surveillance
Physical Security
● Boundary fencing shall be of solid cement wall construction, 6
feet in height or more
● Fencing must touch the ground and not have gaps, holes, or sections in
disrepair
● Fencing shall be inspected periodically for damage and integrity, and
necessary repairs made
● Doors and Windows of buildings must be secured properly with
locking devices or access control devices.
● Adequate lighting systems for effective surveillance of the facility
Physical Access Control
● Security shall ensure that they allow access to authorized individuals only.
● All authorized individuals shall wear & display identity cards for security
identification at gate
● Access control devices shall be installed on all critical areas viz. IT room,
Labs, IP, SIP, FG area, etc.
● Personnel access shall be restricted to only legitimate business areas of
access
● Issuance & removal of access control devices & electronic access
permission shall be done by HR / IT / Security team
● All perimeter & interior access portals shall be secured, manned & monitored
Vehicle & Personnel Control
Preventing unauthorized vehicles from entering the premises to minimize threat to
cargo, electronic cargo files and SIP.
● Vehicular checks shall be done at main gate by security
● Record keeping of all vehicular access within the company premises by security
● Vehicles shall be thoroughly examined by security at gate for any explosives,
prohibited items and drugs.
● Vehicles shall be parked in their designated parking areas, and personal vehicles
shall not be parked in or near cargo loading and storage areas.
Visitor Management
Identifying, recording and restricting the movement of visitors to prevent access to
cargo, electronic cargo files and SIP areas where it is created, stored or processed.
● Visitor shall have a legitimate business need for the purpose of the visit to the facility
● Visitor shall present a valid photo ID proof for registration
● Visitor shall be issued a Visitor badge by the security
● Visitor & Visitor vehicle shall be frisked by the security at the gate
● Visitor shall be escorted at all times by the host employee
● Visitor’s arrival and departure shall be recorded in the visitor logbook
CCTV / Video Surveillance System
● CCTV for 24 hours security surveillance of the premises shall be installed.
● CCTV Control room shall be monitored by authorized security staff
● 90 days of backup of CCTV footage shall be maintained
● Alternate power supply shall be provided for continuous CCTV operations during power outage
● CCTV line of sight shall be clear and unobstructed
● CCTV shall have coverage of cargo handling & storage, seal storage, FG cargo handling &
storage, SIP, IIT inspection & storage, server, lab areas.
Patrolling Procedures & Reporting
● Security shall have proper patrolling of the facility both internally and externally.
● All personnel shall be encouraged to report suspected security incidents
● Facility management shall initiate internal investigations in response to security incidents.
● Security incidents shall include but shall not be limited to: seal changes, cyber security
threats, altered, suspicious or broken seals, unauthorized entry into IIT or conveyance storage
areas, unauthorized release of sensitive information, cargo overages, shortages, damages,
suspicious packages & parcels, unauthorized entry, etc.
● Facility management shall outline the facility’s internal escalation process and contact
information
Conveyance Security
Inspections
Seals
Storage
Container Inspection
7-Point container inspection
Container Inspection
Conduct a systematic inspection
Container Security
● IIT inspections shall be performed by trained security under the CCTV view
● IIT Inspections must be in place to address human smuggling and concealment.
● Protections must be in place to protect against smuggling, contraband & terrorism
● IIT inspections shall be performed on empty containers, prior to loading and loaded containers while passing
through gate.
● Empty IIT inspection, pre-loading inspection and gate inspection checklists shall be filled by the security supervisor
● Designated representative shall be available to oversee and monitor the loading of cargo
● IIT loading shall be done under CCTV surveillance
● IIT loading CCTV footage shall be retained for 90 days
● Seals shall be correctly affixed on the IIT using VVTT method immediately after loading
IIT Seals
ISO 17712 Compliant High Security Bolt Seal
Look for the “H” stamped on the seal:
Locking body
Steel rod or bolt
Seal Security
Seals shall be stored in a secure area and a regular inventory of seals shall be
conducted to ensure that all seals are accounted for and not utilized for illegitimate
purposes.
● Seals shall be stored in a secured, access-controlled area or in a password-protected
digital safe under CCTV surveillance
● The volume of seals purchased shall be consumed within a 12-month period
● A comprehensive seal log shall be used to record and control seals
● Regular audits shall be performed to verify the seal logs against seal inventory.
● The seal inventory and issuance logs shall be accurate.
● ISO 17712:2013 or later compliant high security seals shall be used
● Seals shall be properly inspected using the VVTT method
● Seal certificate of conformance shall be available
Container Seals…
Seal Affixing Process:
● Only designated, authorized employees must distribute and affix container seals for integrity
purposes. The fewer people who have access to seal(s), the better!
● Unauthorized employees must never handle container seals!
Seal Inspection…
Seal Verification and Inspection Process:
● A seal inspection process should be implemented throughout the
supply chain.
● The V.V.T.T. Seal Inspection Process is a good example of one:
V – View seal & container locking mechanisms.
V – Verify seal number for accuracy.
T – Tug on seal to make sure it is affixed properly.
T – Twist & Turn seal to make sure it does not unscrew.
Seal Inspection…
Seal Verification and Inspection Process:
● View seal & container locking mechanisms.
Excessive damage to the seal or locking
mechanisms must be reported to a Supervisor
before opening the container.
Seal Verification and Inspection Process:
● Verify seal number for accuracy.
● Compare with shipping documents, and look
for alterations to the seal numbers!
Seal Inspection…
Seal Verification and Inspection Process:
● Tug on seal to make sure it is affixed properly.
● Seals that come apart must be reported to a
Supervisor before opening the container.
● Human error might cause this to happen, or the
container might have contraband inside!
Seal Verification and Inspection Process:
● Twist & Turn seal to make sure it does not
come off.
● Seals are threaded, so they can be unscrewed.
● These altered seals are reusable throughout
the supply chain for multiple attacks!
• Twist & Turn seal to make sure it does not unscrew
• Seals previously cut off from imported shipments can be used to
create duplicate seals.
Tampered Seals
Seal affixed on container
Cut seal mutilated for future use
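The seal log, the audit of seal logs against inventory, the 12-month consumption rule and the VVTT "Verify" step above describe a reconciliation that can be automated. The following is an added example, not code from the training module or from Jay Precision: a Python audit over constructed inventory, issuance and shipment records; the record fields, seal numbers, names and the 365-day threshold are assumptions made for the example.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import date

# Constructed records for this example; the field layout is an assumption,
# not the seal log format used in the training module.


@dataclass(frozen=True)
class InventoryEntry:
    seal: str       # seal number printed on the bolt seal
    received: date  # date the batch entered the seal store


@dataclass(frozen=True)
class IssuanceEntry:
    seal: str
    issued_to: str  # designated, authorized employee
    issued_on: date


@dataclass(frozen=True)
class ShipmentEntry:
    container: str
    seal_affixed: str  # number read off the seal during the VVTT "Verify" step
    seal_on_docs: str  # number written on the shipping documents


def audit_seal_log(inventory, issuance, shipments, audit_date, max_age_days=365):
    """Reconcile the seal log against inventory and shipment records.

    Returns a list of (check, seal_number, detail) findings; an empty list
    means every seal is accounted for and every document matches.
    """
    findings = []
    stock = {e.seal: e for e in inventory}
    issued_counts = Counter(e.seal for e in issuance)
    affixed = {s.seal_affixed for s in shipments}

    for e in issuance:
        # Check 1: a seal issued without an inventory record did not come
        # through the controlled seal store.
        if e.seal not in stock:
            findings.append(("unknown_seal_issued", e.seal, f"issued to {e.issued_to}"))
        # Check 2: every issued seal must end up on a container.
        if e.seal not in affixed:
            findings.append(("issued_not_affixed", e.seal,
                             f"issued to {e.issued_to} on {e.issued_on}"))

    # Check 3: a seal number may be issued once only; a second issuance means
    # a number has been reused (cut or altered seal, or a duplicate).
    for seal, n in issued_counts.items():
        if n > 1:
            findings.append(("seal_number_reused", seal, f"issued {n} times"))

    for s in shipments:
        # Check 4: a seal on a container must have come through the issuance log.
        if issued_counts[s.seal_affixed] == 0:
            findings.append(("affixed_without_issuance", s.seal_affixed,
                             f"container {s.container}"))
        # Check 5: VVTT "Verify": the seal number must match the documents.
        if s.seal_affixed != s.seal_on_docs:
            findings.append(("document_mismatch", s.seal_affixed,
                             f"container {s.container} documents show {s.seal_on_docs}"))

    # Check 6: stock should turn over within 12 months; old unused seals are
    # easy to pilfer unnoticed.
    for seal, e in stock.items():
        if issued_counts[seal] == 0 and (audit_date - e.received).days > max_age_days:
            findings.append(("stale_stock", seal, f"received {e.received}, still unused"))
    return findings


AUDIT_DATE = date(2024, 6, 1)

# Constructed sample data: one clean shipment and one of each discrepancy.
SAMPLE_INVENTORY = [
    InventoryEntry("S1001", date(2024, 1, 10)),
    InventoryEntry("S1002", date(2024, 1, 10)),
    InventoryEntry("S1003", date(2024, 1, 10)),
    InventoryEntry("S1004", date(2023, 3, 1)),   # over a year old, never issued
    InventoryEntry("S1005", date(2024, 1, 10)),  # unused but recent: no finding
]
SAMPLE_ISSUANCE = [
    IssuanceEntry("S1001", "A. Singh", date(2024, 5, 2)),
    IssuanceEntry("S1002", "A. Singh", date(2024, 5, 2)),
    IssuanceEntry("S1002", "R. Mehta", date(2024, 5, 20)),  # same number again
    IssuanceEntry("S1003", "R. Mehta", date(2024, 5, 21)),  # never affixed
    IssuanceEntry("S9999", "R. Mehta", date(2024, 5, 22)),  # not in inventory
]
SAMPLE_SHIPMENTS = [
    ShipmentEntry("CONT-01", "S1001", "S1001"),  # clean
    ShipmentEntry("CONT-02", "S1002", "S1002"),
    ShipmentEntry("CONT-03", "S1002", "S1002"),  # reused seal number
    ShipmentEntry("CONT-04", "S9999", "S9998"),  # documents disagree with seal
    ShipmentEntry("CONT-05", "S7777", "S7777"),  # no issuance record at all
]


def run_sample():
    """Audit the constructed sample; returns six findings, one per discrepancy."""
    return audit_seal_log(SAMPLE_INVENTORY, SAMPLE_ISSUANCE, SAMPLE_SHIPMENTS, AUDIT_DATE)
```

Each finding names the failed check and the seal number, so the audit output maps directly onto the incident types the patrolling and reporting slides list (altered, suspicious or reused seals, cargo discrepancies).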
Records Retention & Destruction Policy
● Records shall be classified as per their information content
● Records retention policy shall be defined
● Records shall be stored in a lock & key cabinet.
● Records shall be destroyed through crosscut shredder
Electronic Data Security
● Computers, Fax Machines, and Printers
○ Always use passwords with a minimum of 7 characters comprised of numbers
and letters.
○ Do NOT share passwords with anyone.
○ Do NOT sign on and allow someone else to access data.
○ Restrict access to the printer and fax area; these devices should be kept in a
secure locked space.
○ Only use printers that do NOT store information on an internal hard drive.
Electronic Data Security
● Electronic Databases
○ Electronic databases should be maintained on secure servers with backups performed
regularly on secure servers.
○ Only required staff should have access to databases with the minimum level of access
granted to fulfill job responsibilities (i.e., read only access).
○ Do NOT share passwords with anyone.
○ Do NOT sign on and allow someone else to access data.
○ Once access is no longer required, user accounts should be deactivated.
Electronic Data Security
● Electronic Databases
○ Pen drive access shall be restricted to authorized personnel only, on a “Need to
Know” basis
○ Data sharing on personal gadgets viz. hard drives, mobiles, floppy drives shall
be prohibited
○ Data sharing shall only be done via the official file transfer system
○ Data should be encrypted if removed from the secure server and always
encrypted before transfer
○ Back-ups should be encrypted, if possible, before being copied to a secure
location.
Protecting digital and physical SIP and electronic cargo files
• Facility shall conduct regular training programs to mitigate the risk of human error leading to SIP leaks and
supply chain risks.
• Training shall make staff understand both what they need to do and why it is important; staff who understand
both are much more likely to execute the required security controls with the precision and consistency
needed to make the controls effective.
• Training shall be organized into short modules delivered to different individuals as appropriate. Some
employees shall need more than one module, as their responsibilities span different aspects of handling
sensitive assets or different roles in the supply chain.
• Regardless of role, everyone that is part of the Supply Chain shall have regular training on the importance of
CTPAT, AEO, and Hasbro supply chain security controls.
• Training content shall emphasize the following:
○ Why protecting digital and physical SIP is important
○ Clean desk and personal belongings policies to ensure that SIP is not left unsecured or pilfered
○ Printed and digital document security to ensure that authorized individuals use and transfer SIP appropriately
○ Properly storing, transferring, and destroying SIP digital and physical assets
○ Properly watermarking images and video before distribution internally or to necessary 3rd parties
○ Restricting access to only persons that have a legitimate business need to know
○ Recognizing IP security threats (hacking, misuse of transfer methods, misuse of content by authorized or
unauthorized individuals, etc.)
Digital Data Secure Transmission
All digital assets that contain images, descriptions, or depictions
of SIP items shall be transmitted by means that allow for secure internal
communications and encrypted external communications.
Digital data transmission shall follow the protocol below:
1. Email shall not be used to transmit digital data either internally or
externally
2. Data shall not be transferred via pen drive or any other electronic gadget
3. The We Transfer secure communication platform is used for internal transfer of
digital data
4. The Blast secure communication platform is used for external transfer of digital
data
Unauthorized Image Control
● Videography & Photography shall be prohibited on the company premises
● Personal cameras or cell phones shall be prohibited in SIP and restricted
items processing or storage areas
● A list of authorized mobile users shall be maintained
● Security labels shall be affixed on authorized mobile users’ phones for security
identification
● Use of personal phones with image capturing capabilities in IP areas shall be
prohibited
● All memory cards shall be cleared after every use
● Visitors shall be prohibited from, or monitored in, IP areas to ensure no images
of SIP areas are captured.
Camera Control & Photography Policy
All cameras used to capture images of confidential information or SIP must be stored in a secured
central location, restricted to authorized employees that are responsible for capturing images.
Employee-owned cameras, including personal cell phones with image capturing capabilities, are strictly
prohibited within the facility, especially inside SIP secure areas or storage rooms.
Implementation Steps:
1. An imaging-restriction policy shall be in place that prohibits the use or possession of any mobile camera or
camera within factory premises, especially in a SIP secure area or storage point
2. All personnel shall deposit their camera mobiles at the main gate with security. Visitors shall also deposit
their mobiles with security.
3. An Imaging Device form shall be filled and duly signed by the management for camera mobile access
permission for official purposes. Such permitted camera mobiles shall be affixed with a mobile
identification sticker for security identification and verification of authorized mobile users.
4. A dedicated camera to capture images for official purposes shall be stored in a secure location and
access to this secure location shall be restricted to authorized personnel only.
Camera Control & Photography Policy
1. Imaging Request Form shall be filled and duly signed / approved by the management for any
designated person to capture photos for official business needs.
2. Photographs or Videos captured on the camera shall be downloaded by the IT person on their IT
devices and shared with the authorized recipients of the photographs or videos.
3. Photographs or Videos once downloaded or shared with the authorized recipients shall be erased
from the camera for next use.
4. Logbook shall be maintained by the IT department for all such camera issuance and retrieval from
the authorized users of the camera.
Clean Desk Policy
● Staff Responsibilities
○ Ensure confidentiality of individual workstations.
○ All hard copy records containing highly sensitive data must be shredded or disposed of
in designated confidential waste containers when ready for disposal. Under no
circumstances should this information be placed in regular wastepaper bins.
○ Passwords should be secured in a location that is not visible or otherwise accessible to
others.
○ “Clean Desk” Policy – Any loose paperwork containing sensitive information should be
cleared off the desktop and locked securely in a drawer when you leave the office and at the end of
every workday.
○ Lock the computer screen every time you leave the computer, even for a few minutes.
○ Properly destroy documents containing confidential information when no longer needed.
Email Security
• Email shall not be used to transmit confidential information.
• Set up a user account and password to prevent unauthorized access to your computer files
• Beware of executable files embedded in .zip attachments; this is a common way for hackers to send .exe files
that would normally be deleted by email systems
• Use We Transfer or other authorized source to transfer any confidential information
• Avoid using public WiFi
• Avoid opening links and attachments embedded in emails if you cannot verify the source
• Check with your IT manager before installing any programs on your work computer
• Never leave your laptop, tablet or phone unsupervised and in plain view
• Do not install unnecessary programs or apps on your computer or phone
• Install a firewall on your network and PC
• Run a full anti-malware scan regularly
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2023 Optiv Security Inc. All Rights Reserved.
Key Cybersecurity Behaviors
To stay safe online, make these behaviors part of your regular routine:
● Use Strong Passwords
● Create Backups
● Enable MFA
● Learn From Security Awareness Training
● Recognize and Report Phishing
● Share Cybersecurity Knowledge With Others
● Update Software
● Avoid Using Public WiFi
● Regularly Assess Your Digital Hygiene
● Use a VPN
Safe Use of USB
● Encrypt the data on the USB device in case you lose it or it gets stolen.
● Avoid public charging stations. They may be compromised.
● Don’t plug any USB that isn’t yours into your device
Business Partner
Business partners shall be vetted and monitored to ensure they are capable of meeting Global Security
Standards
● Contracts with appropriate security language shall be in place with all business partners to ensure
security obligations are legally enforceable
● All partners involved in the development, production, handling, storage or transportation of cargo,
electronic cargo files, and SIP are aware of their obligations.
● Facility management shall communicate the importance of Global Security requirements to all
business partners annually.
● Facility shall use a compliance assessment questionnaire for all logistics and general service
providers and SIP subcontractors.
● The business partner shall participate in a Customs administered supply chain certification program
Maintaining Confidentiality
• Facility shall conduct regular training programs to mitigate the risk of human error leading to SIP leaks and
supply chain risks.
• Training shall make staff understand both what they need to do and why it is important; staff who understand
both are much more likely to execute the required security controls with the precision and consistency
needed to make the controls effective.
• Training shall be organized into short modules delivered to different individuals as appropriate. Some
employees shall need more than one module, as their responsibilities span different aspects of handling
sensitive assets or different roles in the supply chain.
• Regardless of role, everyone that is part of the Supply Chain shall have regular training on the importance of
CTPAT, AEO, and Hasbro supply chain security controls.
• Training content shall emphasize the following:
○ Why maintaining confidentiality is important
○ Duty to keep sensitive information pertaining to Hasbro confidential during and after employment (SIP
information, electronic cargo files, SIP samples, components, finished goods cargo, graphics, photos,
etc.)
○ Proper sharing of information (internally to other departments, externally)
Use of Jay Precision’s Name
● Corporate Purchase Agreements, Purchase Orders and General
Contractor Agreement specify, Suppliers may not:
○ Use Jay Precision’s logos without a written license
○ Use Jay Precision’s name to advertise your products,
goods or services
■ (rare exceptions may be granted with prior written
approval by Senior Management)
○ Disclose Company as a customer or release information
about relationships with Jay Precision, by name or by an
indirect or descriptive reference.
Do not use Jay Precision’s name or logos
Misrepresentation and Use of Jay Precision’s Name
● Suppliers may not represent themselves as
acting on Jay Precision’s behalf
○ (unless specifically authorized in writing by
Senior Management)
● Suppliers may not
○ Make donations, gifts, etc. on Jay
Precision’s behalf
■ Company has our own charitable giving programs
○ Make bribe payments, kickbacks, etc. on Jay
Precision’s behalf
Protecting Company & Client Assets and Confidential Information
Suppliers must protect Jay Precision assets including but not limited to:
● Jay Precision funds
● Trade Secrets, Confidential Information and other Company intellectual Property
○ Suppliers with access to confidential information must sign a Corporate Non-Disclosure Agreement (CNDA) which provides
that they not disclose JP or client confidential information to a third party and vice versa
○ Appropriate security measures must be in place to address Confidential data handling, access requirements, data storage
and communications (in transit). Compliance with privacy rules, which are based on universal privacy principles, is required
when personal information (PI) is collected/used/stored.
■ NOTE: Supplier employees who connect to Company’s network or have access to classified information may be required to
take additional Information Security and Privacy training
● Equipment and buildings
○ NOTE: Some areas of facilities are “off limits” to contractors and suppliers
● Company-sponsored meetings and events
○ Contingent Workers (CWs) may not attend Company-sponsored meetings and events unless specifically invited by the
Company business group and approved by the Management
○ CWs may attend business meetings only where needed for specific project- or task-related reasons, and must then be excused
Company expects its Suppliers to be Leaders and Role Models
in protecting Assets and Confidential information
Accurate Records
● Company requires keeping accurate financial and other books and records
○ Both Jay Precision and Suppliers must keep accurate business records during the course of
their relationship
■ Contractual and Legal requirements also require retention of such records for a period
of time beyond termination of the relationship
○ Company does not permit or otherwise allow or condone falsification of documents
Immediately report to Management
any attempt to falsify information in Company’s
records (or the appearance of doing so)
Reporting Responsibility
Security Incident Reporting
Reporting Suspicious Activities, Anomalies, and
Security Breaches
● Jay Precision understands the importance of protecting the global
supply chain from criminal activities, such as terrorism, human
smuggling, drug trafficking, illegal contraband, and the
proliferation of weapons of mass destruction.
● As a strong advocate of the CTPAT program, Jay Precision is
committed to providing the highest standards of quality, integrity,
and security throughout the supply chain and is dedicated to
promoting a culture of security to ensure that all goods within the
supply chain are protected from illicit activities.
● As part of our efforts to promote security awareness, we want to
remind our clients / business partners that they play an integral
role in keeping our borders secure and our communities safe.
● By working together with U.S. Customs and Border Protection
(CBP) and sharing information about security breaches or potential
threats, we can strengthen international supply chains and prevent
illegal or terrorist activities.
Security Incident Reporting
Reporting Suspicious Activities, Anomalies, and
Security Breaches
Examples of suspicious activities that warrant notification include, but are not limited to, the following:
● Evidence that a shipping container has been tampered with
● Discovery of a hidden compartment in a shipping container
● High security seal that has been altered, tampered with, or has an incorrect number
● Suspicious information on shipping documentation
● Discovery of a cargo discrepancy or anomaly (shortages, overages, or other significant discrepancies)
● Smuggling of illegal contraband, including narcotics, people, weapons, etc.
● Counterfeit or fake goods (IPR infringement)
● Suspected forced labor violations
● Unauthorized entry into trucks, locomotives, vessels, or aircraft carriers
● Extortion, payments for protection, threats, and / or intimidation
● Unauthorized use of a Business Entity Identifier
● Data breaches
● Cyber attacks
● Duty evasion
● Country of origin violations
● Suspected cases of money laundering or financing of terrorist activities
To report suspicious illegal activities, shipment anomalies, or security breaches, please contact Security team, local
police, local Customs port of entry, Senior Management & Hasbro Management immediately.
Key Employee Responsibilities
* Correct display of ID badges for proper identification by Security
* Report loss of ID badge to Security
* Always keep safe custody and proper possession of ID badge
* Assign authorized key holders
* Access only on your own individual ID badge
* “Need to Know” basis access only
* Mandatory escort of all visitor/s by host employee
* Correct display of visitor badge & Security checks mandatory
* Mobile & laptop restriction protocol for visitor/s
* Visitor/s not allowed in “Restricted Areas”
Key Employee Responsibilities
* Log off unattended desktop / laptop
* Ensure password protected laptop at all times
* Never share your password or give computer access to strangers
* Report all suspicious persons, activities and packages
* Report suspicious vehicles in parking space
* Report compromised security infrastructure (broken locks, windows, etc.)
* Maintain clean desk policy
* Keep safe custody and proper storage of all documents
* Shred all documents not in use
C-TPAT
(Customs & Trade Partnership
Against Terrorism)
Any Queries
C-TPAT
(Customs & Trade Partnership
Against Terrorism)

Digital & SIP Training Security Training Module.pptx

  • 2.
    Security Training andThreat Awareness • Minimum Security Criteria • Internal Conspiracies • Container Inspections • Threats • Code of Conduct • Incident Reporting
  • 3.
    Security & ConfidentialityTraining ● All employees, including contractors, shall sign a confidentiality agreement as new employees and annually thereafter. ● Security training shall be imparted to all employees as part of induction and annual refresher ● Data privacy & security, confidentiality, intellectual property security measures, information protection measures, breaches of confidentiality, and personal responsibility shall be covered in the training ● Suspicious Security Activities Reporting shall be encouraged as part of the training session scope.
  • 4.
    Confidentiality Agreement ● Allstaff shall sign a nondisclosure, confidentiality agreement or oath as new employees and annually thereafter. ● The confidentiality agreement shall state that the employee agrees not to disclose any company sensitive information to any unauthorized persons. ● The agreement shall be maintained in the employee’s personnel file.
  • 5.
    Physical Security • Fencing •Gates and Gate Houses • Parking • Building Structures • Locking Devices • Lighting • Alarms & Video Surveillance
  • 6.
    Physical Security ● Boundary/ Fencing shall be solid wall cement construction with 6 feet height & above ● Must touch the ground and not have gaps, holes, or sections in disrepair ● Periodical inspection of the fencing for damage and integrity and make necessary repairs ● Doors and Windows of buildings must be secured properly with locking devices or access control devices. ● Adequate lighting systems for effective surveillance of the facility
  • 7.
    Physical Access Control ●Security shall ensure that they allow access to authorized individuals only. ● All authorized individuals shall wear & display identity cards for security identification at gate ● Access control devices shall be installed on all critical areas viz. IT room, Labs, IP, SIP, FG area, etc. ● Personnel access shall be restricted to only legitimate business areas of access ● Issuance & removal of access control devices & electronic access permission shall be done by HR / IT / Security team ● All perimeter & interior access portals shall be secured, manned & monitored
  • 8.
    Vehicle & PersonnelControl Preventing unauthorized vehicles from entering the premises to minimize threat to cargo, electronic cargo files and SIP. ● Vehicular checks shall be done at main gate by security ● Record keeping of all vehicular access within the company premises by security ● Vehicles shall be thoroughly examined by security at gate for any explosives, prohibited items and drugs. ● Vehicles shall be parked at their designated parking areas and that personal vehicles are not parked in or near cargo loading and storage areas.
  • 9.
    Visitor Management Identifying, recordingand restricting the movement of visitors to prevent access to cargo, electronic cargo files and SIP areas where it is created, stored or processed. ● Visitor shall have a legitimate business need for purpose of visit to facility, ● Visitor shall present a valid photo ID proof for registration ● Visitor shall be issued a Visitor badge by the security ● Visitor & Visitor vehicle shall be frisked by the security at the gate ● Visitor shall be escorted at all times by the host employee ● Visitor’s arrival and departure shall be recorded in the visitor logbook
  • 10.
    CCTV / VideoSurveillance System ● CCTV for 24 hours security surveillance of the premises shall be installed. ● CCTV Control room shall be monitored by authorized security staff ● 90 days back up of the CCTV footages shall be maintained ● Alternate power supply shall be provided for continuous CCTV operations during power outage ● CCTV line of sight shall be clear and unobstructed ● CCTV shall have coverage of cargo handling & storage, seal storage, FG cargo handling & storage, SIP, IIT inspection & storage, server, lab areas.
  • 11.
    Patrolling Procedures &Reporting ● Security shall have proper patrolling of the facility both internally and externally. ● All personnel shall be encouraged to report suspected security incidents ● Facility management shall initiate internal investigations in response to security incidents. ● Security incidents shall include but shall not be limited to: Seal changes, Cyber security threats, Altered, suspicious or broken seals, Unauthorized entry into IIT or conveyance storage areas, Unauthorized release of sensitive information, Cargo overages, shortages, damages, suspicious packages & parcels, unauthorized entry, etc. ● Facility management shall outline the facility’s internal escalation process and contact information
  • 12.
  • 13.
  • 14.
    Container Inspection Conduct asystematic inspection
  • 15.
    Container Security ● IITinspections shall be performed by trained security under the CCTV view ● IIT Inspections must be in place to address human smuggling and concealment. ● Protections must be in place to protect against smuggling, contraband & terrorism ● IIT inspections shall be performed on empty containers, prior to loading and loaded containers while passing through gate. ● Empty IIT inspection, pre-loading inspection and gate inspection checklist shall be filled by the security supervision ● Designated representative shall be available to oversee and monitor the loading of cargo ● IIT loading shall be done under CCTV surveillance ● IIT loading CCTV footages shall be retained for 90 days ● Seals shall be correctly affixed on the IIT using VVTT method immediately after loading
  • 16.
    IIT Seals ISO 17712Compliant High Security Bolt Seal Look for the “H” stamped on the seal: Locking body Steel rod or bolt
  • 17.
    Seal Security Seals shallbe stored in a secure area and a regular inventory of seals shall be conducted to ensure that all seals are accounted for and not utilized for illegitimate purposes. ● Seals shall be stored in a secured, access-controlled or in a password protected digital safe under CCTV surveillance ● The volume of seals purchased shall be consumed within a 12-month period ● A comprehensive seal log shall be used to record and control seals ● Regular audits shall be performed to verify the seal logs against seal inventory. ● The seal inventory and issuance logs shall be accurate. ● ISO 17712:2013 or later compliant high security seals shall be use ● Seals shall be properly inspected using the VVTT method ● Seal certificate of conformance shall be available
  • 18.
Container Seals… Seal Affixing Process:
• Only designated, authorized employees must distribute and affix container seals for integrity purposes. The fewer people who have access to seal(s), the better!
• Unauthorized employees must never handle container seals!
  • 19.
Seal Inspection… Seal Verification and Inspection Process:
• A seal inspection process should be implemented throughout the supply chain.
• The V.V.T.T. Seal Inspection Process is a good example of one:
V – View seal & container locking mechanisms.
V – Verify seal number for accuracy.
T – Tug on seal to make sure it is affixed properly.
T – Twist & Turn seal to make sure it does not unscrew.
  • 20.
Seal Inspection… Seal Verification and Inspection Process:
• View seal & container locking mechanisms. Excessive damage to the seal or locking mechanisms must be reported to a Supervisor before opening the container.
• Verify seal number for accuracy. Compare with shipping documents, and look for alterations to the seal numbers!
  • 21.
Seal Inspection… Seal Verification and Inspection Process:
• Tug on seal to make sure it is affixed properly. Seals that come apart must be reported to a Supervisor before opening the container. Human error might cause this to happen, or the container might have contraband inside!
• Twist & Turn seal to make sure it does not come off. Seals are threaded, so they can be unscrewed. These altered seals are reusable throughout the supply chain for multiple attacks!
  • 22.
Tampered Seals
• Twist & Turn seal to make sure it does not unscrew.
• Seals that are previously cut off from imported shipments can be used to create duplicate seals.
(Figure labels: seal affixed on container; cut seal mutilated for future use)
  • 23.
Records Retention & Destruction Policy
● Records shall be classified as per their information content.
● A records retention policy shall be defined.
● Records shall be stored in a lock-and-key cabinet.
● Records shall be destroyed using a crosscut shredder.
  • 24.
Electronic Data Security
● Computers, Fax Machines, and Printers
○ Always use passwords with a minimum of 7 characters consisting of numbers and letters.
○ Do NOT share passwords with anyone.
○ Do NOT sign on and allow someone else to access data.
○ Restrict access to printers and fax machines; they should be kept in a secure, locked space.
○ Only use printers that do NOT store information on an internal hard drive.
  • 25.
Electronic Data Security
● Electronic Databases
○ Electronic databases should be maintained on secure servers, with backups performed regularly to secure servers.
○ Only required staff should have access to databases, with the minimum level of access granted to fulfill job responsibilities (e.g., read-only access).
○ Do NOT share passwords with anyone.
○ Do NOT sign on and allow someone else to access data.
○ Once access is no longer required, user accounts should be deactivated.
  • 26.
Electronic Data Security
● Electronic Databases
○ Pen drive access shall be restricted to authorized personnel only, on a “Need to Know” basis.
○ Data sharing on personal gadgets, viz. hard drives, mobiles and floppy drives, shall be prohibited.
○ Data sharing shall only be done via the official file transfer system.
○ Data should be encrypted if removed from the secure server, and always encrypted before transfer.
○ Back-ups should be encrypted, if possible, before being copied to a secure location.
  • 27.
Protecting digital and physical SIP and electronic cargo files
• Facility shall conduct regular training programs to mitigate the risk of human error leading to SIP leaks and supply chain risks.
• Training shall make staff understand both what they need to do and why it is important; staff who understand this are much more likely to execute the required security controls with the precision and consistency needed to make the controls effective.
• Training topics shall be split into short modules delivered to different individuals as appropriate. Some employees shall need more than one module, as their responsibilities span different aspects of handling sensitive assets or different roles in the supply chain.
• Regardless of role, everyone that is part of the Supply Chain shall have regular training on the importance of CTPAT, AEO, and Hasbro supply chain security controls.
• Training content shall emphasize the following:
○ Why protecting digital and physical SIP is important
○ Clean desk and personal belongings policies to ensure that SIP is not left unsecured or pilfered
○ Printed and digital document security to ensure that authorized individuals use and transfer SIP appropriately
○ Properly storing, transferring, and destroying SIP digital and physical assets
○ Properly watermarking images and video before distribution internally or to necessary 3rd parties
○ Restricting access to only persons that have a legitimate business need to know
○ Recognizing IP security threats (hack, misuse of transfer methods, misuse of content by authorized or unauthorized individuals, etc.)
  • 28.
Digital Data Secure Transmission
All digital assets that contain images, descriptions, or depictions of SIP items shall be transmitted through channels that allow for secure internal communications and encrypted external communications. Digital data transmission follows the protocol below:
1. Email shall not be used to transmit digital data, either internally or externally.
2. Data shall not be transferred via pen drive or any other electronic gadget.
3. The We Transfer secure communication platform is used for internal transfer of digital data.
4. The Blast secure communication platform is used for external transfer of digital data.
  • 29.
Unauthorized Image Control
● Videography and photography shall be prohibited on the company premises.
● Personal cameras or cell phones shall be prohibited in SIP and restricted item processing or storage areas.
● A list of authorized mobile users shall be maintained.
● Security labels shall be affixed to authorized mobile users’ phones for security identification.
● Use of personal phones with image capturing capabilities in IP areas shall be prohibited.
● All memory cards shall be cleared after every use.
● Visitors shall be prohibited from, or monitored in, IP areas to ensure no images of SIP areas are captured.
  • 30.
Camera Control & Photography Policy
All cameras used to capture images of confidential information or SIP must be stored in a secured central location, restricted to authorized employees that are responsible for capturing images. Employee-owned cameras, including personal cell phones with image capturing capabilities, are strictly prohibited within the facility, especially inside SIP secure areas or storage rooms.
Implementation Steps:
1. An imaging-restriction policy shall be in place that prohibits the use or possession of any mobile camera or camera within the factory premises, especially in a SIP secure area or storage point.
2. All personnel shall deposit their camera mobiles at the main gate with security. Visitors shall also deposit their mobiles with security.
3. An Imaging Device form shall be filled in and duly signed by management for camera mobile access permission for official purposes. Camera mobiles so permitted shall be affixed with a mobile identification sticker for security identification and verification of authorized mobile users.
4. A dedicated camera to capture images for official purposes shall be stored in a secure location, and access to this secure location shall be restricted to authorized personnel only.
  • 31.
Camera Control & Photography Policy
1. An Imaging Request Form shall be filled in and duly signed / approved by management for any designated person to capture photos for official business needs.
2. Photographs or videos captured on the camera shall be downloaded by the IT person onto their IT devices and shared with the authorized recipients of the photographs or videos.
3. Photographs or videos, once downloaded or shared with the authorized recipients, shall be erased from the camera for the next use.
4. A logbook shall be maintained by the IT department for all such camera issuance to and retrieval from the authorized users of the camera.
  • 32.
Clean Desk Policy
● Staff Responsibilities
○ Ensure confidentiality of individual workstations.
○ All hard copy records containing highly sensitive data must be shredded or disposed of in designated confidential waste containers when ready for disposal. Under no circumstances should this information be placed in regular wastepaper bins.
○ Passwords should be secured in a location that is not visible or otherwise accessible to others.
○ “Clean Desk” Policy – Any loose paperwork containing sensitive information should be cleared off the desktop and locked securely in a drawer when you leave the office and at the end of every workday.
○ Lock the computer screen every time you leave the computer, even for a few minutes.
○ Properly destroy documents containing confidential information when no longer needed.
  • 33.
Email Security
• Email shall not be used to transmit confidential information.
• Set up a user account and password to prevent unauthorized access to your computer files.
• Beware of executable files embedded in .zip attachments; this is a common way for hackers to send .exe files that would normally be deleted by email systems.
• Use We Transfer or another authorized source to transfer any confidential information.
• Avoid using public WiFi.
• Avoid opening links and attachments embedded in emails if you cannot verify the source.
• Check with your IT manager before installing any programs on your work computer.
• Never leave your laptop, tablet or phone unsupervised and in plain view.
• Do not install unnecessary programs or apps on your computer or phone.
• Install a firewall on your network and PC.
• Run a full anti-malware scan regularly.
  • 34.
Key Cybersecurity Behaviors
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2023 Optiv Security Inc. All Rights Reserved.
To stay safe online, make these behaviors part of your regular routine:
• Use Strong Passwords
• Create Backups
• Enable MFA
• Learn From Security Awareness Training
• Recognize and Report Phishing
• Share Cybersecurity Knowledge With Others
• Update Software
• Avoid Using Public WiFi
• Regularly Assess Your Digital Hygiene
• Use a VPN
  • 35.
Safe Use of USB
• Encrypt the data on the USB device in case you lose it or it gets stolen.
• Avoid public charging stations. They may be compromised.
• Don’t plug any USB that isn’t yours into your device.
  • 36.
Business Partner
Business partners shall be vetted and monitored to ensure they are capable of meeting Global Security Standards.
● Contracts with appropriate security language shall be in place with all business partners to ensure security obligations are legally enforceable.
● All partners involved in the development, production, handling, storage or transportation of cargo, electronic cargo files, and SIP shall be aware of their obligations.
● Facility management shall communicate the importance of Global Security requirements to all business partners annually.
● Facility shall use a compliance assessment questionnaire for all logistics and general service providers and SIP subcontractors.
● The business partner shall participate in a Customs-administered supply chain certification program.
  • 37.
Maintaining Confidentiality
• Facility shall conduct regular training programs to mitigate the risk of human error leading to SIP leaks and supply chain risks.
• Training shall make staff understand both what they need to do and why it is important; staff who understand this are much more likely to execute the required security controls with the precision and consistency needed to make the controls effective.
• Training topics shall be split into short modules delivered to different individuals as appropriate. Some employees shall need more than one module, as their responsibilities span different aspects of handling sensitive assets or different roles in the supply chain.
• Regardless of role, everyone that is part of the Supply Chain shall have regular training on the importance of CTPAT, AEO, and Hasbro supply chain security controls.
• Training content shall emphasize the following:
○ Why maintaining confidentiality is important
○ Duty to keep sensitive information pertaining to Hasbro confidential during and after employment (SIP information, electronic cargo files, SIP samples, components, finished goods cargo, graphics, photos, etc.)
○ Proper sharing of information (internally to other departments, externally)
  • 38.
Use of Jay Precision’s Name
  • 39.
Use of Jay Precision Name
● Corporate Purchase Agreements, Purchase Orders and General Contractor Agreements specify that Suppliers may not:
○ Use Jay Precision’s logos without a written license
○ Use Jay Precision’s name to advertise your products, goods or services
■ (rare exceptions may be granted with prior written approval by Senior Management)
○ Disclose Company as a customer or release information about relationships with Jay Precision, by name or by an indirect or descriptive reference.
Do not use Jay Precision’s name or logos.
  • 40.
Misrepresentation and Use of Jay Precision’s Name
● Suppliers may not represent themselves as acting on Jay Precision’s behalf
○ (unless specifically authorized in writing by Senior Management)
● Suppliers may not:
○ Make donations, gifts, etc. on Jay Precision’s behalf
■ Company has its own charitable giving programs
○ Make bribe payments, kickbacks, etc. on Jay Precision’s behalf
  • 41.
Protecting Company & Client Assets and Confidential Information
  • 42.
Protecting Company & Client Assets and Confidential Information
Suppliers must protect Jay Precision assets including but not limited to:
● Jay Precision funds
● Trade Secrets, Confidential Information and other Company Intellectual Property
○ Suppliers with access to confidential information must sign a Corporate Non-Disclosure Agreement (CNDA), which provides that they not disclose JP or client confidential information to a third party and vice versa.
○ Appropriate security measures must be in place to address confidential data handling, access requirements, data storage and communications (in transit). Compliance with privacy rules, which are based on universal privacy principles, is required when personal information (PI) is collected/used/stored.
■ NOTE: Supplier employees who connect to Company’s network or have access to classified information may be required to take additional Information Security and Privacy training.
● Equipment and buildings
■ NOTE: Some areas of facilities are “off limits” to contractors and suppliers.
● Company-sponsored meetings and events
○ Contingent Workers (CWs) may not attend Company-sponsored meetings and events unless specifically invited by the Company business group and approved by Management.
○ CWs may attend business meetings only where needed for specific project- or task-related reasons, and must then be excused.
Company expects its Suppliers to be Leaders and Role Models in protecting Assets and Confidential Information.
  • 43.
  • 44.
Accurate Records
● Company requires keeping accurate financial and other books and records.
○ Both Jay Precision and Suppliers must keep accurate business records during the course of their relationship.
■ Contractual and legal requirements also require retention of such records for a period of time beyond termination of the relationship.
○ Company does not permit or otherwise allow or condone falsification of documents.
Immediately report to Management any attempt to falsify information in Company’s records (or the appearance of doing so).
  • 45.
  • 46.
Security Incident Reporting
Reporting Suspicious Activities, Anomalies, and Security Breaches
• Jay Precision understands the importance of protecting the global supply chain from criminal activities, such as terrorism, human smuggling, drug trafficking, illegal contraband, and the proliferation of weapons of mass destruction.
• As a strong advocate of the CTPAT program, Jay Precision is committed to providing the highest standards of quality, integrity, and security throughout the supply chain and is dedicated to promoting a culture of security to ensure that all goods within the supply chain are protected from illicit activities.
• As part of our efforts to promote security awareness, we want to remind our clients / business partners that they play an integral role in keeping our borders secure and our communities safe.
• By working together with U.S. Customs and Border Protection (CBP) and sharing information about security breaches or potential threats, we can strengthen international supply chains and prevent illegal or terrorist activities.
  • 47.
Security Incident Reporting
Reporting Suspicious Activities, Anomalies, and Security Breaches
Examples of suspicious activities that warrant notification include, but are not limited to, the following:
• Evidence that a shipping container has been tampered with
• Discovery of a hidden compartment in a shipping container
• High security seal that has been altered, tampered with, or has an incorrect number
• Suspicious information on shipping documentation
• Discovery of a cargo discrepancy or anomaly (shortages, overages, or other significant discrepancies)
• Smuggling of illegal contraband, including narcotics, people, weapons, etc.
• Counterfeit or fake goods (IPR infringement)
• Suspected forced labor violations
• Unauthorized entry into trucks, locomotives, vessels, or aircraft carriers
• Extortion, payments for protection, threats, and / or intimidation
• Unauthorized use of a Business Entity Identifier
• Data breaches
• Cyber attacks
• Duty evasion
• Country of origin violations
• Suspected cases of money laundering or financing of terrorist activities
To report suspicious illegal activities, shipment anomalies, or security breaches, please contact the Security team, local police, the local Customs port of entry, Senior Management and Hasbro Management immediately.
  • 48.
Key Employee Responsibilities
* Correct display of ID badges for proper identification by Security
* Report loss of ID badge to Security
* Always keep safe custody and proper possession of ID badge
* Assign authorized key holders
* Access only on your own individual ID badge
* “Need to Know” basis access only
* Mandatory escort of all visitor/s by host employee
* Correct display of visitor badge & Security checks mandatory
* Mobile & laptop restriction protocol for visitor/s
* Visitor/s not allowed in “Restricted Areas”
  • 49.
Key Employee Responsibilities
* Log off unattended desktop / laptop
* Ensure your laptop is password protected at all times
* Never share your password or give computer access to strangers
* Report all suspicious persons, activities and packages
* Report suspicious vehicles in parking space
* Report compromised security infrastructure (broken locks, windows, etc.)
* Maintain clean desk policy
* Keep safe custody and proper storage of all documents
* Shred all documents not in use
  • 51.
C-TPAT (Customs & Trade Partnership Against Terrorism)
Any Queries
  • 52.
C-TPAT (Customs & Trade Partnership Against Terrorism)

Editor's Notes

  • #34 Suggested Script: We’ve discussed the importance of using strong passwords and a password manager, enabling MFA, recognizing and reporting phishing and updating software regularly today. Your security also depends on conducting regular digital hygiene assessments to ensure your online presence is clean, creating backups in case of data loss, learning from security awareness training, sharing your cybersecurity knowledge with coworkers, clients, family and friends, avoiding connecting to public WiFi when possible, and using a virtual private network (VPN) to shield your online activity from those who seek to use it for their benefit. Engaging in these behaviors can help keep you safe online.
  • #38 In this next section, we’ll review the Use of Prothom’s Name
  • #39 Suppliers may not use Prothom’s logos without a written license. Suppliers may not use Prothom’s name to advertise your products, goods, services or company. Suppliers may not disclose that Prothom is a customer, or release information about relationships with Prothom. Our purchase agreements and General Contractor agreements specify this obligation. Rarely, Prothom will make an exception and allow a supplier to say that Prothom is a customer—permission must be requested in advance, and given in writing by Prothom Senior Management. Do not disclose Prothom as a customer—whether you list Prothom by name, or indirectly, through your description.
  • #40 Suppliers may not say that they’re from Prothom, nor may they make donations or gifts on Prothom’s behalf. Prothom has a charitable giving program on behalf of our corporation. And never pay a bribe or kickback on Prothom’s behalf. This is not allowed, whether done directly or through a third party.
  • #41 Now let’s discuss protecting Prothom assets and confidential information.
• #42 Suppliers must protect Prothom assets, including Prothom funds, confidential information, equipment, and buildings. Prothom assets must not be sold, borrowed, lent, given away or modified in any way that would impair their value. As a Prothom supplier, you are also personally responsible for safeguarding the company’s assets from: loss or overuse; inappropriate modifications; disclosure to anyone who lacks either the authorization or the need-to-know. Suppliers with access to confidential information sign a nondisclosure agreement or CNDA. Make sure you understand your responsibility under the CNDA, and correctly protect the confidential information. A couple of reminders: Any supplier employee who connects to Prothom’s network must take Prothom’s Information Security and Privacy classes. Please ensure that any of your employees who need this training get it. And Contingent Workers should only attend Prothom business meetings where they’re invited for specific project- or task-related reasons, and only for the relevant part of the meeting. Prothom expects our suppliers to be leaders and role models in protecting Prothom assets and confidential information.
  • #43 Let’s now talk about the importance of Accurate Records.
• #44 Doing business with the highest standards of professionalism and in accordance with the Code of Conduct means documenting and maintaining accurate books and records. This is a Prothom requirement and is also required under many laws such as the U.S. Securities and Exchange Act of 1934 and GAAP. Transparency is critical for accurate books and records. Both Prothom and the supplier must keep accurate business records during the course of the relationship. These records may be required to be retained beyond the termination of the relationship, based on contractual or legal requirements. Prothom does not allow falsification of records. If you know of an attempt to falsify information in Prothom’s records, or if it appears to be such an attempt—report this immediately to Prothom Management.
  • #45 We’ve mentioned several times that Prothom wants our suppliers to report any concerns about ethical behaviour or violations of Prothom’s Code of Conduct. Now let’s discuss how to do this.
  • #46 This session deals with the topic of internal quality audits. The session is a half-day module, with approximately 60 minutes of presentation, followed by 45 minutes of group discussion and 30 minutes of feedback. Test is approximately 30 minutes and 20 minutes for discussion. A documented and systematic tool, used by management and done periodically by independent, qualified people to verify and evaluate an organisation’s commitment to the principles of Good Manufacturing Practice (GMP) as well as compliance to regulatory requirements. An organisation that is highly committed to GMP will not only meet the regulatory requirements but far exceed them. Internal audit is used by the organisation to better understand itself or others. The activity and its results must be documented and shared with those who can take action based on the audit findings. The audit must be done in a planned and organised way so that the deficiencies are immediately identified and corrected before they adversely affect the products and the company’s reputation.