In a changing world, the responsible assessment of risk is part of doing business as a global company. To maintain our business resiliency, Cisco works to anticipate and prepare for major disruptive events that might threaten our ability to conduct business.
From deploying redundant communications systems to maintaining the safety of Cisco employees to dealing with pandemic threats and natural disasters to evaluating geopolitical risks within our supply chains, Cisco seeks to ensure business continuity across our company.
Part of this process requires the development of “risk maps” that measure the likelihood and severity of an adverse event based on interviews with the risk owners within the company. These risk maps identify the portfolio of assets that are at risk, the level of risk, what considerations need to be built into the business model to address the risks, and how the risks should factor into a group’s or business unit’s decision-making process.
Factors used in relative risk ranking and mapping include geopolitical and financial events, pandemic events such as an outbreak of avian flu, and governmental stability. Potential disruptions in our supply chain, including events at key manufacturing and commodity supplier sites as well as business-critical infrastructure sites, such as airports, are monitored by the Supply Chain Risk Management (SCRM) team using a worldwide alert service, to ensure minimal disruption.
Reducing Risk in the Supply Chain
Cisco has one of the most complex supply chains in the IT industry, with almost 200 product families that require more than 35,000 component parts. Our partners provide electronic manufacturing, testing, design, transportation, logistics, and other services. With a complex supply chain that is globally dispersed, managing supplier relationships is a complex, demanding, and ongoing process.
Cisco works closely with our manufacturing and component suppliers as well as logistics partners to ensure quality and reliability in our supply chain, and we conduct regular performance reviews with them to proactively identify areas for continual improvement.
Our supply chain risk management organization helps to develop analytics to assess and predict risk scenarios and then works directly with the manufacturing and supplier entities to help identify, assess, and avoid risks. Site assessments are undertaken directly, or we employ a third-party assessor to do the inspection. Risk assessors employ actuarial data to look at factors such as the potential for a natural disaster at the site.
In 2008, the Emerging Countries Supply Chain Team updated and improved upon the emerging economies analytical processes developed in 2007. The team incorporated techniques taught in the world’s leading international business schools to extend our view into our supply chain, with the goal of enhancing our ability to proactively understand and address the unique challenges of these countries. The newly bifurcated model takes into consideration the operating environment as well as the sales environment to identify the supply chain transformation required to improve Cisco’s supply chain performance and customer satisfaction, based on the unique aspects of each country. The following factors are now taken into consideration:
1 PESTEL refers to political, economic, social, technological, environmental, and legal factors.
2 The iPod currency index measures buying power based on local prices for the Apple iPod.
We also determine site-specific risks to buildings and equipment. For example, one location may introduce a higher geopolitical risk but present fewer natural-hazard risks. The goal is to anticipate and avert possible problems.
For example, each year, suppliers are asked to respond to a Business Continuity Planning (BCP) assessment questionnaire prepared by the Global Supply Chain Management team, which helps Cisco assess suppliers’ ability to maintain business continuity.
To support sound business resiliency decisions throughout our relationships with our suppliers, we meet regularly with the contract manufacturers and key component suppliers who build or add value to our products, to discuss what risks we face and what actions those risks require. In the process, we seek to develop long-term, mutually beneficial relationships with our suppliers.
Ensuring an Ethical Supply Chain
How Cisco products are created—from a human rights perspective, from an environmental perspective, and from a community perspective—is very important to Cisco. In FY08, Cisco’s top suppliers were asked to respond to additional questions regarding their own corporate social responsibility practices. To help ensure that our supply chain continues to be sustainable, Cisco also partners with a number of organizations dedicated to developing and disseminating best practices in the production and distribution of Internet and electronic technology and equipment.
Cisco is an early member of the Electronic Industry Citizenship Coalition (EICC), a group of companies whose mission is to create a comprehensive set of tools and methods that support credible implementation of a Code of Conduct throughout the electronics and information and communications technology (ICT) supply chain. Cisco sits on the Board of Directors of the organization and has helped guide the organization’s expansion, and representatives are also involved in various work groups. Through the EICC, Cisco has actively contributed to the development of standardized methodologies, tools, and processes for assessing and monitoring supply chain social responsibility across our industry sector.
All Cisco suppliers are provided with the Cisco Supplier Code of Conduct, which conforms with the EICC code and sets forth performance and compliance expectations across five areas of social responsibility:
- Labor
- Health and safety
- Environmental
- Management system
- Ethics
In addition, Cisco is a long-time board member of the Global e-Sustainability Initiative (GeSI), a consortium of companies formed in 2001 in support of the United Nations Millennium Development Goals.
Through our involvement in GeSI, Cisco is working with other IT companies to further sustainable development in the IT sector, with particular focus on ICT product responsibility, supply chain management, and climate change. Work groups dedicated to these specific issues aim to provide industry advice to companies, policymakers, and consumers by:
- Creating an open and global forum for the improvement of products, services, and access to ICT for the benefit of environmental sustainability and society
- Facilitating international and multistakeholder cooperation for the ICT sector
- Encouraging harmonization and continual improvement in sustainability management within the industry
- Promoting and supporting greater awareness, accountability, and transparency
