Our strategy
We have adopted corporate governance practices that are consistent with our commitment to transparency and best-in-class practices.
We have adopted corporate governance practices that are consistent with our commitment to transparency and best-in-class practices.
Cisco’s People, Policy, and Purpose organization leads our social investment programs and champions our commitment to ESG performance and transparency.
Within this organization are teams responsible for:
Business functions also own ESG priorities. Teams integrate priorities into their business strategy by setting goals, implementing plans, and measuring performance. Many priorities and goals involve multiple functions. To support accountability and alignment, we create cross-functional teams to execute against these goals.
Cisco’s leadership is responsible for day-to-day risk management activities. The Board of Directors, acting directly and through its committees, is responsible for the oversight of Cisco’s risk management. With the oversight of the Board of Directors, Cisco’s management has implemented practices, processes, and programs designed to help manage the risks to which we are exposed in our business and to align risk-taking appropriately with our efforts to increase stockholder value.
Cisco’s management has implemented an enterprise risk management (ERM) program, managed by Cisco’s internal audit function, that is designed to work across the business to identify, assess, govern, and manage risks and Cisco’s response to those risks. Cisco’s internal audit function performs an annual risk assessment, which is utilized by the ERM program. The structure of the ERM program includes both an ERM operating committee that focuses on risk management-related topics, as well as an ERM executive committee consisting of members of management. The ERM operating committee conducts global risk reviews and provides regular updates to the ERM executive committee.
The Audit Committee, which oversees our financial and risk management policies, including data protection (comprising both privacy and security), receives regular reports on ERM from the chair of the ERM operating committee, as well as regular reports on cybersecurity from Cisco’s Chief Security and Trust Officer multiple times a year. Other Board committees oversee certain categories of risk associated with their respective areas of responsibility.
The Environmental, Social, and Public Policy Committee of the Board oversees Cisco’s initiatives, policies, programs, and strategies concerning environmental sustainability and other key corporate social responsibility (CSR) and public policy matters, as more fully set forth in the Committee's Charter. The Compensation Committee of the Board oversees the development and implementation of Cisco’s practices, strategies, and policies used for recruiting, managing, and developing employees (i.e., human capital management). These practices, strategies, and policies focus on diversity and inclusion, workplace environment and safety, and corporate culture. In addition, the full Board receives updates on Cisco’s overall CSR strategy, including ESG matters, from management.
The Governance, Risk, and Controls (GRC) organization manages the company’s internal audit function. GRC operates under the International Standards for the Professional Practice of Internal Auditing (the Standards) as published by the Institute of Internal Auditors (the IIA, www.theiia.org). The Standards require an external assessment to be conducted at least once every five years by a qualified, independent assessor or assessment team from outside the organization. GRC’s last external assessment was completed in June 2022 and achieved the rating of “Generally Conforms with the International Standards for the Professional Practice of Internal Auditing and the IIA Code of Ethics,” which is the highest rating in evaluating compliance to the Core Principles for the Professional Practice of Internal Auditing and the Definition of Internal Auditing.
Oversees the Company’s initiatives, policies, programs, and strategies concerning environmental sustainability and other key corporate social responsibility and public policy matters.
Champion Cisco’s companywide commitment to ESG performance and transparency
Conduct due diligence and implement policies and programs for specific focus areas
Champion ERM efforts across the business to identify, assess, and manage risks
* These ESG focus areas are the topics identified in our fiscal 2023 ESG materiality assessment.1 The topics found to be of greater importance are noted in bold.
1 ESG materiality, as referred to in this website and in our ESG reporting, and our ESG materiality assessment process are different from “materiality” in the context of Securities and Exchange Commission (SEC) disclosure obligations. Issues deemed material for purposes of our ESG reporting and for purposes of determining our ESG strategy may not be considered material for SEC reporting purposes, nor does inclusion of information in our ESG reporting indicate that the topic or information is material to Cisco’s business or operating results.
Steward ESG strategy
Stakeholder engagement ESG materiality assessment and risk assessment
Stakeholder feedback to the business
Prioritization, goal setting, and initiatives
Implementation and performance management
Outcomes and impact measurement