Information Risk Management (IRM) , as a member of the cybersecurity community committed to the prevention of all forms of harassment within our industry, hereby pledges its support for a workplace and community free from harassment and fear.
Harassment is any unwanted physical, verbal, or non-verbal conduct that has the purpose or effect of either violating a person’s dignity or creating an intimidating, hostile, degrading, humiliating or offensive environment for them. Harassment may be persistent or an isolated incident and may manifest obviously or be hidden or insidious. It may take place in person, by telephone or in writing, including emails, texts, or online communications such as social media. The definition of harassment applies equally to situations of direct communication as it does to situations of active exclusion of individuals, or solicitation of such communication or exclusion.
This pledge applies in the workplace as well as in work-related settings outside the workplace or outside the regular business day. We pledge that:
- We will work to eliminate harassment, to include all employees, partners, customers, and interactions. Any form of harassment, even when not unlawful or directed at a protected category, will not be tolerated.
- We will not tolerate, condone, or ignore any form of harassment no matter where it occurs, or the personnel involved.
- We will ensure that staff members are not asked to operate in unsafe organizational or social environments.
- We will empower employees, contractors and third parties to come forward with reports without fear of retaliation, and to immediately and respectfully respond without prejudice. We recognise that those reporting harassment are not in any way disloyal to the company or the community, and that everyone deserves to work in a positive environment.
- We will protect the anonymity of those reporting suspected violations to the greatest extent reasonably possible.
- We will regularly educate employees and contractors what constitutes harassment and why it’s never acceptable, while continually maintaining and actively reviewing our policy and reporting mechanisms.
- We will regularly discuss reporting protocol with our employees and ensure that we make a public version of this protocol publicly available for external reference and use.