MANAGING CYBER SECURITY PRC Yanlord recognises the critical importance of cybersecurity to the stability and reliability of its business operations and remains fully committed to complying with the Cybersecurity Classified Protection 2.0 requirements under the PRC Cyber Security Law. These regulations require organisations to implement security controls commensurate with the classification level of their network systems. Accordingly, Yanlord adopts a holistic cybersecurity management framework anchored on three core pillars — Process, Technology, and People — to ensure a comprehensive and systematic approach to information security. The Group continues to maintain robust system security standards across its key digital platforms. Yanlord’s customer service system, sales system, and sunshine procurement system undergo regular assessments and have successfully maintained DJCP certification issued by the Ministry of Public Security of the PRC, reaffirming the effectiveness of the Group’s cybersecurity controls and the integrity of its core systems. To strengthen organisational awareness and reinforce good cybersecurity practices, Yanlord provides structured information security training for employees, supported by the Group’s Human Resources Department. Training programmes cover core cybersecurity principles, common security risks, and data protection best practices. In addition, IT professionals receive specialised technical training in network security and system protection, equipping them with advanced capabilities to prevent, detect, and respond to potential cyber threats. Through this proactive and layered approach, Yanlord continues to enhance its cybersecurity resilience and uphold strong information security standards across its operations. SINGAPORE In Singapore, the Group has established a Data Management Policy and a Cyber Security Policy to provide clear guidance on data governance, access controls, and information security. These policies set out preventive measures designed to protect the Group’s network infrastructure, information systems, and employees from potential cybersecurity threats. To support responsible data management, Yanlord maintains structured checklists and documentation, enforces strict authorisation requirements for accessing and handling sensitive information, and conducts daily offline tape backups as a safeguard against cyber incidents. The Group also carries out regular security assessments to evaluate the effectiveness of its controls. These assessments include annual disaster recovery exercises, ethical hacking proof‑of‑concept testing, and data security management audits, which together support the resilience and reliability of the Group’s systems. CUSTOMER PRIVACY Target and Performance Perpetual Target FY 2025 Performance No substantiated complaints1 concerning breaches of customer privacy or losses of customer data Achieved 1 Written statement by regulatory authority or similar official body addressed to the organisation that identifies breaches of customer privacy, or a complaint lodged with the organisation that has been recognised as legitimate by the organisation. Employee awareness and preparedness remain integral to the Group’s cybersecurity framework. Designated employees receive specialised training relevant to their roles, while all staff are kept informed through regular electronic communications highlighting recent cyber incidents, risk scenarios, and preventive measures. This proactive and layered approach helps strengthen cybersecurity awareness across the organisation and enhances the Group’s ability to respond effectively to evolving cyber threats. Contents Introduction Approach to Sustainability Upholding Good Governance Caring for Our Customers Empowering Our People Preserving Our Planet Creating Shared Value for Our Society GRI Content Index YANLORD LAND GROUP LIMITED SUSTAINABILITY REPORT 2025 36
RkJQdWJsaXNoZXIy NTM2MDQ5