Governance

Board of Directors

Ethics, Policies, and Practices

Kirby is committed to the highest ethical standards across the company and its supply chain.

Business Ethics Guidelines

9

Kirby is committed to doing business
the right way or “The Kirby Way”

9

All Kirby directors, executives, and
employees are required to sign and
uphold the Business Ethics Guidelines

9

Guideline topics include: Equal
Opportunity, Discrimination and Sexual Harassment, Respecting Human Rights, Anti-Corruption, Financial Accountability, Political Activities, Social Media, etc.

9

Kirby does not tolerate any retaliation against employees for reporting a violation of law, rule, regulation, or the Guidelines

9

More than 5,000 training courses
completed on Business Ethics and
Foreign Corrupt Practices Act in 2022

Vendor Code of Condut

9

Kirby implemented stronger guidelines for our suppliers, which were designed to help ensure responsible product sourcing and the safety and well-being of workers across the global supply chain

9
Establishes the minimum standards that must be met by any supplier that sells goods to or does business with Kirby regarding:

– Treatment of workers
– Workplace safety
– Impact on the environment
– Ethical business practices

Respecting Human Rights

9

Kirby is committed to ensuring a work environment that is free from:
‒ Human Trafficking
‒ Forced Labor
‒ Harmful Child Labor
‒ Discrimination and Harassment

9

Employees are expected to consistently demonstrate respect and uphold the dignity of others

9

Employees are to encourage partners, suppliers, and other third parties to adopt similar standards with respect to human rights

Kirby’s position on Human Rights is outlined in its Business Ethics Guidelines, Vendor Code of Conduct, and Human Trafficking Policy.  In addition to other training Kirby provides to its employees, Kirby has recently implemented targeted human rights training for its employees.  The company targets to have all employees trained by 2024. Violations or concerns may be communicated via the Company Hotline and may result in termination of employment or the relationship with the supplier.

97% completion of human rights training*

*Training is being implemented by business unit

Target: 100% company-wide training complete by 2024

Cybersecurity and Data Privacy

Governance

9
Kirby senior management briefs the board quarterly on information security matters.

  • Steering Committee: Meets at a minimum quarterly to discuss overall approach, manage priorities, and ensure progress
  • Audit Committee: Receives a Cybersecurity update quarterly

Proactive Defense

9
Managed Detection and Response: Professional service to monitor the network and respond to intrusions on 24/7 basis
9

Multifactor Authentication

9

Monthly vulnerability management program for critical and high-security patching

9

Anti-phishing solution for emails

9

The company has not experienced an information security breach in the last four years

9

Sophisticated backup and recovery solutions

9

Geofencing

9

A robust and practiced incident response plan

Employee Education and Training

9
Training: Security awareness program utilizing weekly tips and training

  • All employees are required to complete annual cybersecurity training
  • Director hosts targeted training with high-risk users and executive
9
Testing: Perform monthly phishing scam tests with associated real-time training

  • Employees who fail a phishing test are required to take remedial training
9

Education: Cybersecurity Director speaks at operations meetings to raise awareness and educate on current topics