Cybersecurity excellence at Adani: Safeguarding corporate assets In the fast-evolving digital landscape, the Adani Portfolio of companies remains at the forefront of cybersecurity, ensuring the protection of corporate value and stakeholder trust amid dynamic cyber threats. We recognise the transformative impact of digitalisation, reshaping various facets of business operations. In this digital era, ensuring seamless access to our networks, IT systems, and data stands as a critical priority. Any interruptions or deviations from agreed-upon systems performance could entail significant costs and reputational risks for our organisation. We comprehend that the threats to our digital infrastructure and information assets are multifaceted, arising from diverse sources, including technical failures, human errors, malicious attacks, adverse weather conditions, natural disasters, and even terrorist acts. To fortify our operations, we are dedicated to adeptly managing these risks by formulating comprehensive contingency plans. Our focus centers on assessing our readiness to prevent IT system failures and handling significant incidents related to information security and cybersecurity. We continually evaluate our capacity to respond promptly and effectively in the face of such incidents, ensuring minimal disruptions and efficient risk mitigation. By comprehensively gauging the financial implications of these occurrences, we gain valuable insights into potential consequences, empowering us to make informed decisions safeguarding our organisation’s financial stability. Robust IT security infrastructure Leveraging cutting-edge technology, the Group optimises costs, enhances decision- making, and strengthens information security. Continuous IT upgrades and adherence to industry best practices have streamlined operations, reducing project timelines. The Group’s cybersecurity policy aims to protect Company’s IT infrastructure from cyber threats and maintain the confidentiality and integrity of its systems. It includes risk-mitigating systems, processes, and controls and is applicable to all stakeholders who have access to our information and network. Business continuity mechanisms are integrated into our information systems, incorporating redundancy and high availability features at multiple levels. Our Cyber Security Policy, aligned with global best practices, informs stakeholders about our data management practices, ensuring a compliance with regulations. The policy mandates compliance with national and international cyber security standards, implementation of control measures, protection of critical information, and regular cyber-security audits. It establishes reporting channels for policy violations and requires collaboration with experts to upgrade information management infrastructure. Business heads are responsible for policy compliance, and all breaches are reported, investigated, and acted upon. The policy applies to all stakeholders, including employees, contractors, and affiliated third parties, and covers various information systems. Regular reviews will ensure policy effectiveness and relevance. Also, our businesses have their own Information Technology and Data Security Committee, accountable to the Board of Directors. The committee’s primary objective is to oversee the Company’s information technology usage and protection. This includes reviewing and overseeing corporate policies, plans, and programs related to enterprise cybersecurity and data protection risks associated with the Company and its IT infrastructure. The committee also plays a pivotal role in evaluating and supervising the IT functions within the organisation. This involves ESG Report 2022-23 165 164 Adani Group