Skip to Main Content
(Press Enter)

Our strategy

We have adopted corporate governance practices that are consistent with our commitment to transparency and best-in-class practices.

Purpose management and governance

Cisco’s People, Policy, and Purpose organization leads our social investment programs and champions our commitment to ESG performance and transparency.

Within this organization are teams responsible for:

  • Setting and driving reporting strategy through multiple inputs, including analyses of internal and external stakeholder priorities, the ESG landscape, and Cisco’s business strategy
  • Working cross-functionally to help determine priorities and drive the process for governance across business functions
  • Setting and stewarding Cisco’s ESG materiality1 assessments for our voluntary reporting
  • Coordinating and supporting broad ESG alignment and reporting
  • Engaging with a broad range of internal and external stakeholders
  • Researching and monitoring ESG trends
  • Conducting bespoke research to inform strategic decisions and share as thought leadership
  • Stewarding and developing our annual Purpose Report and ESG Reporting Hub

Business functions also own ESG priorities. Teams integrate priorities into their business strategy by setting goals, implementing plans, and measuring performance. Many priorities and goals involve multiple functions. To support accountability and alignment, we create cross-functional teams to execute against these goals.

ESG business process

Infographic detailing our ESG business process

Risk management

Cisco’s leadership is responsible for day-to-day risk management activities. The Board of Directors, acting directly and through its committees, is responsible for the oversight of Cisco’s risk management. With the oversight of the Board of Directors, Cisco’s management has implemented practices, processes, and programs designed to help manage the risks to which we are exposed in our business and to align risk-taking appropriately with our efforts to increase stockholder value.

Cisco’s management has implemented an enterprise risk management (ERM) program, managed by Cisco’s internal audit function, that is designed to work across the business to identify, assess, govern, and manage risks and Cisco’s response to those risks. Cisco’s internal audit function performs an annual risk assessment, which is utilized by the ERM program. The structure of the ERM program includes both an ERM operating committee that focuses on risk management-related topics, as well as an ERM executive committee consisting of members of management. The ERM operating committee conducts global risk reviews and provides regular updates to the ERM executive committee.

The Audit Committee, which oversees our financial and risk management policies, including data protection (comprising both privacy and security), receives regular reports on ERM from the chair of the ERM operating committee, as well as regular reports on cybersecurity from Cisco’s Chief Security and Trust Officer multiple times a year. Other Board committees oversee certain categories of risk associated with their respective areas of responsibility.

The Environmental, Social, and Public Policy Committee of the Board oversees Cisco’s initiatives, policies, programs, and strategies concerning environmental sustainability and other key corporate social responsibility (CSR) and public policy matters, as more fully set forth in the Committee's Charter. The Compensation Committee of the Board oversees the development and implementation of Cisco’s practices, strategies, and policies used for recruiting, managing, and developing employees (i.e., human capital management). These practices, strategies, and policies focus on diversity and inclusion, workplace environment and safety, and corporate culture. In addition, the full Board receives updates on Cisco’s overall CSR strategy, including ESG matters, from management.

The Governance, Risk, and Controls (GRC) organization manages the company’s internal audit function. GRC operates under the International Standards for the Professional Practice of Internal Auditing (the Standards) as published by the Institute of Internal Auditors (the IIA, www.theiia.org). The Standards require an external assessment to be conducted at least once every five years by a qualified, independent assessor or assessment team from outside the organization. GRC’s last external assessment was completed in June 2022 and achieved the rating of “Generally Conforms with the International Standards for the Professional Practice of Internal Auditing and the IIA Code of Ethics,” which is the highest rating in evaluating compliance to the Core Principles for the Professional Practice of Internal Auditing and the Definition of Internal Auditing.

Board of Directors

Environmental, Social, and Public Policy Committee

Oversees the Company’s initiatives, policies, programs, and strategies concerning environmental sustainability and other key corporate social responsibility and public policy matters.

Other Board committees

  • Acquisition
  • Audit
  • Compensation and Management Development
  • Nomination and Governance

People, Policy, and Purpose Organization

Champion Cisco’s companywide commitment to ESG performance and transparency

Business functions and
cross-functional teams

Conduct due diligence and implement policies and programs for specific focus areas

Governance, risk,
and controls

Champion ERM efforts across the business to identify, assess, and manage risks

ESG topics*

Environmental

  • Climate change and GHGs
  • Circular economy
  • Operational waste
  • Environmental regeneration and protection
  • Water

Social

  • Inclusion and diversity
  • Talent
  • Human rights and working conditions in the supply chain
  • Employee wellbeing
  • Employee health and safety and labor rights
  • Digital inclusion
  • Community impact
  • Critical human needs and disaster relief
  • Economic empowerment

Governance

  • Corporate governance
  • Data security and privacy
  • Business ethics
  • Innovation and responsible technology

* These ESG focus areas are the topics identified in our fiscal 2023 ESG materiality assessment.1 The topics found to be of greater importance are noted in bold.

1 ESG materiality, as referred to in this website and in our ESG reporting, and our ESG materiality assessment process are different from “materiality” in the context of Securities and Exchange Commission (SEC) disclosure obligations. Issues deemed material for purposes of our ESG reporting and for purposes of determining our ESG strategy may not be considered material for SEC reporting purposes, nor does inclusion of information in our ESG reporting indicate that the topic or information is material to Cisco’s business or operating results.

ESG business process

Core reporting team

Steward ESG strategy

Stakeholder engagement ESG materiality assessment and risk assessment

Stakeholder feedback to the business

Business functions

Prioritization, goal setting, and initiatives

Implementation and performance management

Outcomes and impact measurement