Devon is a data-driven company. We see our use of advanced technologies in operations and corporate functions – in a culture of creativity and innovation – as a competitive advantage.
We have a responsibility to protect the information and systems that underpin our technology advantage. In the interest of sustainability, we ensure that proper consideration is given to information and cybersecurity risks in our enterprise risk management program. Devon’s senior leaders regularly update our board of directors on our information security programs and on potential threats.
Our information security program, which uses industry-leading technology and processes, is aligned with the National Institute of Standards and Technology Cybersecurity Framework for risk management and is assessed by third-party experts. We are guided by our corporate information security policy, and we exercise and test our incident response and disaster recovery plans. A senior leader and a team of highly trained information-security professionals manage information systems, risk and security. As a proactive measure, our team develops, uses and shares cyber-threat intelligence.
Devon encourages a culture of prevention to protect our data and systems, including cybersecurity awareness training for all employees and contractors, and specific training for teams that have access to sensitive data. We recognize employees who help us avoid potential cybersecurity events, and enforce a Code of Business Conduct for the proper use of the company’s information systems.
As technology evolves over time, we will continue to prioritize the protection of our data and systems to give our employees the tools they need to deliver results and create value.