Operate with Integrity Cybersecurity TheCompanyisdevelopingandimplementingathird-partyrisk OurGlobalCybersecurityCommitteeassiststheBoardof managementframeworkaspartofonboardingnewvendorsand Directorsinprotectingour assets, recordsandinformationfrom otherthirdpartiesaswellasvettingexistingvendors.Thepurpose cyberthreats. By taking arisk-based approach, utilizing technology of theseproceduresistoensureallpartiesinteractingwiththe andappropriatepractices andprocedures,theCommitteeensures Companyareadheringtohighstandardsrelatedtocybersecurity. that the following goals are met: In addition, we devote considerable effort and resources to defend • Confidentiality: All information stored should be kept private againstandmitigatecybersecurityrisk,includingincreasing andshouldonlybeavailabletoandusedbypeople(orsystems) awarenessthroughouttheorganizationthroughanestablished that CanaccordGenuity has explicitly authorized and given firm-widecybersecurity training program for all employees. permission to do so. OurglobalCybersecurityCommitteemonitorsandreviewsthe appropriatenessandeffectivenessofourcontrols. • Integrity: Maintain the integrity of information to keep all systemsanddatacomplete,intact,andfreefromcorruption. TheCompany’smanagementofcybersecurityrisk,as wellas anyreportedincidents,isregularlypresentedtobothsenior • Availability: Maintain the availability of systems, services, and managementthroughtheCybersecurityCommitteeandtheAudit informationwhenrequiredbytheCompanyand/oritsclients. CommitteeoftheBoardofDirectors
ESG Report | Canaccord Genuity Page 7 Page 9