Information security and privacy

Commitment

Mott MacDonald ensures the security of our information assets to maintain the trust of our clients, partners, workforce, and other stakeholders.

We uphold the principles of confidentiality, integrity, and availability of information, and we embed information security, privacy, and data protection into everything we do. We respect the legal rights of the individuals whose personal information we process. We require these same commitments from those we work with.

We comply with applicable legal and regulatory requirements in every jurisdiction in which we work.

Approach

To fulfil our commitment, we:

  • adopt an approach that meets – or exceeds – client expectations and contractual obligations
  • ensure appropriate security measures are in place for all the information we hold, including the physical security of our offices and the secure storage of archived data
  • adhere to the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability in all our information processing activities
  • operate in alignment with our PRIDE values and Our Code
  • work to continually improve the way we manage information security and privacy risks and meet the needs of our employees, clients, and business.

Our business management system meets the requirements of ISO 9001, ISO 27001, and Cyber Essentials Plus, and it is independently certified in appropriate geographical locations around the world.

Responsibility

  • The chief governance officer is responsible for this policy and its implementation.
  • Regional general managers are responsible for the effective implementation of this policy in their regions and business units.
  • Information security and technology managers are responsible for monitoring the effectiveness of this policy and for ensuring that our information security and privacy commitments are reflected in our operational requirements.
  • Project managers are responsible and project principals accountable for leading compliance with information security, privacy, and data protection requirements throughout the lifecycle of their projects.
  • All members of our workforce are responsible for conducting their work in a way that protects the confidentiality, integrity and availability of the data they create, access or manage. They must complete information security, privacy and data protection training annually to stay informed about their responsibilities and current best practices.

 

Alec Pavitt
Chief governance officer