TRC 2020 Sustainability Report | Page 29

MAINTAINING CYBER SECURITY AND DATA PRIVACY
TRC is committed to ensuring the protection of our clients , their privacy , and data we are entrusted to hold . Many of TRC ’ s customers are part of the 16 critical infrastructure sectors defined by the Department of Homeland Security . We believe safeguarding our clients , their privacy , and their data is the same as protecting national security on behalf of the people who depend on these critical infrastructure services our clients provide every day . Our approach on cyber security is aligned with the Critical Infrastructure Protection Act and the International Organization for Standardization ( ISO ) 27001:2013 to create consistency which promotes cyber security throughout the organization . This consistency has led to ISO27001:2013 certification of our Power Delivery Engineering practice .
In achieving this certification , standardization of policies and procedures has provided the foundation for TRC Cyber Security . By using a consistent approach that includes the deployment of defensive strategies layered throughout the enterprise , we are able to protect against known threats , respond in a repeatable manner and increase enterprise visibility . TRC uses this visibility to build quantitative and qualitative metrics to improve cyber security posture daily , reduce dwell time and enhance business continuity .
PRODUCING QUALITY SOLUTIONS
A multilevel quality organization includes TRC ’ s executive leadership team ; a corporate Quality Council ; Quality Leaders at the corporate , sector , and practice levels ; and a strong network of Office Quality Coordinators . This organization works in unison to attain TRC ’ s quality goals and objectives .
A culture of performance excellence is instilled by holding every employee accountable for the quality of their work and empowering each person with stopwork authority if necessary . Contractors , suppliers , and partners are also accountable for compliance with TRC ’ s quality policy and procedures . Quality performance is regularly monitored to identify opportunities for improvements and where additional training is required .
Quality at TRC is more than meeting or exceeding our customers ’ expectations . It is also about creating meaningful value for them and forging an alliance as their trusted business partners .
Metrics are reported quarterly to the TRC Cyber Security Council made up of various operating practice leaders to provide oversight and guidance to spread the responsibility of Cyber Security to the enterprise . Our commitment to excellence , drive to reduce complexity , and strong security culture is the cornerstone for maintaining cyber security and data privacy at TRC . It is in furtherance of our commitment to Cyber Security and client confidentiality that we do not report out information concerning potential breaches or vulnerabilities .
27