Enterprise Risk Management
Our Enterprise Risk Management system is a combination of several processes and policies that act together to consider potential risks and corresponding controls surrounding the risks. Utilizing this system, we are better able to manage and mitigate potential issues while also seizing opportunities.
Internal controls implemented throughout Core Lab are considered entity-level controls that establish expectations relative to fraud and financial reporting.
The program and controls address each element of the Internal Control-Integrated Framework published by the Committee of Sponsoring Organizations of the Treadway Commission. We evaluate the effectiveness of our anti-fraud program through a detailed analysis of specific organizational policies and procedures.
Our commitment to safeguarding intellectual property rights and personal data includes protecting intangible assets and proprietary information from unauthorized access and ensuring their efficient and proper use. This includes a commitment to:
- Maintaining strict confidentiality of technical and personal data.
- Implementing security measures to limit access to proprietary information.
- Ensuring company property and information are not used for improper gain.
Each of our employees has a role in ensuring that the information we store and share electronically is done with the utmost care and responsibility. To that end, we have taken several steps to ensure the confidentiality, integrity, and availability of information, by:
- Keeping up to date cyber risk assessments and incident response plans.
- Having strong policies around acceptable use and data governance.
- Keeping employees up to date on cyber trends through annual awareness training, phishing simulations, and articles in the Company newsletter.
- Requiring two-factor authentication prior to granting access to Company IT assets.
- Employing industry best practices such as endpoint protection, email security, and strong encryption to guard against malware, viruses, and other cyberattacks.