Page 134 - Index
P. 134
4. 5. 6. Details of the benefits derived and shared from the intellectual properties owned or acquired by your entity (in
the current financial year), based on traditional knowledge
Crisil services do not use intellectual properties from communities based on traditional knowledge.
Details of corrective actions taken or underway, based on any adverse order in intellectual property related
disputes wherein usage of traditional knowledge is involved
Crisil services do not use intellectual properties from communities based on traditional knowledge.
Details of beneficiaries of CSR Projects
Please refer to table no. 24(c) on pg. no. 144 of the Sustainability Databook
PRINCIPLE 9: Businesses should engage with and provide value to their consumers in a
responsible manner
Essential Indicators
1. 2. 3. 4. 5. 6. Describe the mechanisms in place to receive and respond to consumer complaints and feedback.
Each business receives and addresses customer complaints regularly. Complaint redressal is tracked rigorously
at various levels of the management. The Stakeholders’ Relationship Committee of the Board regularly dedicates
exclusive time to review stakeholder complaints, including customer complaints. Additionally, refer to Q4 of Leadership
indicators of this Principle for information on customer surveys undertaken.
Turnover of products and/services as a percentage of turnover from all products/service that carry information
about social and environmental parameters, safe and responsible usage, recycling and safe disposal.
Not applicable considering the nature of Crisil’s business.
Number of consumer complaints in respect of data privacy, advertising, cyber-security, unfair trade practices,
etc.
Refer to table no. 21(b) on page 141 of Sustainability Databook
Details of instances of product recalls on account of safety issues
Not applicable considering the nature of Crisil’s business.
Does the entity have a framework/policy on cyber security and risks related to data privacy? (Yes/No) If available,
provide a web-link of the policy
Yes. Crisil also has adopted “Crisil Global Corporate Privacy policy”, which can be accessed at https://www.Crisil.com/
content/Crisilcom/en/home/Crisil-privacy-notice.html
Provide details of any corrective actions taken or underway on issues relating to advertising, and delivery of
essential services; cyber security and data privacy of customers; re-occurrence of instances of product recalls;
penalty/action taken by regulatory authorities on safety of products/services.
There were no penalty/action taken by the regulatory authorities in respect to the aforesaid.
However, protection of data and ensuring security during data transmission is vital to Crisil’s business. Crisil has
implemented comprehensive measures, including strong access controls, encryption for sensitive information, and
periodic audits to ensure compliance with organisational policies. Data protection involves deployment of technical
and administrative control measures to protect against vulnerabilities and threats such as malware or data theft.
Usage of latest tools/technologies enabling multifactor authentication, data loss prevention, inbound and outbound
traffic configuration through firewall systems and proxy solutions and configuration of controls on personal devices
used for accessing work-related purposes, ensure safeguarding of data from unauthorised access, alteration and
destruction.
132 Annual Report 2024