As a leading facility management provider, we prioritize a risk-based, continuously evolving security strategy. Coor plays a vital role in safeguarding the supply chain and managing its associated risks for our customers. We anticipate that the external threat landscape will remain elevated, with threats ranging from organized cybercrime to state-sponsored activity.
Cybersecurity at Coor is governed at the executive level to ensure strategic and tactical alignment across the organization. Our council for Privacy and Information Security Management oversees regulatory compliance and operational security.
A cross-functional leadership group ensures accountability and resilience across cybersecurity, IT operations, and data protection.
Coor bases its security controls on the ISO/IEC 27001:2022 standard, ensuring alignment with international best practices. We also utilize the CIS Control framework to benchmark and continuously improve our cybersecurity maturity.
External control audits are conducted yearly and as stipulated by agreements with our customers.
Cybersecurity risk is managed through structured processes that are integrated across Coor's operations. The results of risk assessments are reported to executive management and the Board of Directors and included in our annual risk disclosures. Risk management undergoes regular reviews at both executive and board levels.
Coor’s commitment to information security is ongoing and proactive. We conduct regular training, simulate threat scenarios to test incident readiness, and continuously adapt our defences based on evolving risks.
We strive to provide confidence to our customers, partners, and stakeholders through both action and transparency.
Privacy matters: gdpr@coor.com
Cybersecurity matters: csirt@coor.com
Relevant information for suppliers. Refer to our Code of Conduct for Suppliers, General Terms and Conditions, and Information Security Requirements for Suppliers.
