INFORMATION SECURITY POLICY STATEMENT
The Centigrade Group is committed to handling all forms of information including clients’ data using the
most secure information security approaches. These approaches include national business standards
and using the latest technology to ensure data confidentiality, integrity and availability. Our access
control policy and information security measures contain different layers, which combined, offers
comprehensive data protection for external and internal users.
A select number of Centigrade employees have high level clearance to connect remotely to local
networks and reach files on the server using a VPN connection. File access control is granted by a set
of NTFS permissions on the file server depending on their role and level of access.
File audits are enabled in the file server logging every action over all files. E-Mail security is controlled
by SOPHOS E-Mail protection using two layers; a cloud-based initial filter and a second filter installed
on the E-Mail server. SOPHOS also controls Endpoint protection for all computers and servers. This
provides the most complete and secure solution against information security threats, which include, (but
are not limited to) malware and ransomware.
Security devices have controls in place preventing external users from accessing Centigrade data by
completing authentication processes. Each Centigrade employee has file permissions relevant to their
role. This ensures only validated users can reach confidential and classified information when needed.
Centigrade conduct half yearly information security assessments to ascertain potential breaches and
security policy malfunction of our IT infrastructure. Action is taken based on the outcome of the
assessment(s).
SAFETY AND HEALTH POLICY STATEMENT
The Centigrade Group and its subsidiaries recognise the importance of Occupational Health and Safety
(OH&S) for the success and growth of our business. Our aim is to be recognised as an industry leader
in OH&S through effective management of our specialised activities with respect to our workforce,
communities and the environment.
COMMITMENT
At Centigrade we believe that process and personal safety related incidents, and occupational illnesses
are preventable. We are committed to managing our activities to eliminate hazards and reduce
occupational health and safety risks, by incorporating a ‘do right first time’ approach in relation to all its
activities.
PRINCIPLES
Centigrade will achieve this by:
- Implementing a systems approach to OH&S risk management.
- Complying with relevant laws and regulations and applying responsible standards where laws do
- not exist;
- Setting, measuring and reviewing objectives and targets that will drive continuous improvement in
- OH&S performance.
- Reporting OH&S performance and working towards continuous improvement.
- Integrating OH&S requirements in all critical activities.
- Promoting a culture that supports an OH&S Management system.
- Promoting the consolation and participation of employees in implementing actions for the continual
- improvement of the OH&S management system.
- Taking a collaborative and proactive approach with stakeholders in relation to OH&S to achieve
- safety goal of zero harm.
- Requiring subcontractors to comply with our OH&S expectations in a mutually beneficial manner.
APPLICATION
Responsibility for the application of this policy rests with all the Centigrade Group employees, subcontractors and joint venturers engaged in activities under Centigrade operational control. Centigrade management are also responsible for promotion of this policy in non-operated joint ventures.

Michael Anthony
Managing Director