SASB standards were published in late 2018. In the current version of the standards, the SASB Materiality Map establishes 26 issue categories grouped into five dimensions. These issue categories are then applied by SASB across 11 industry sectors broken into 77 industries.
Cisco is classified by SASB in the Hardware industry category under the Technology & Communications sector. On the SASB Materiality Map, five issue categories are identified as material for the Hardware industry.
As our existing Software and Services offerings continue to expand, we plan to evaluate disclosures aligned to the SASB Software & IT Services industry metrics that are relevant and applicable to our business in the future.
The following table provides Cisco’s SASB disclosure for the Hardware industry. Disclosure guidance was taken from the SASB Hardware Sustainability Accounting Standard (October 2018) as informed by the SASB Hardware Basis for Conclusions report (October 2018).
Topic
SASB code
SASB accounting metric
Disclosure
Topic: Data Security
SASB code:
TC-HW-230a.1
SASB accounting metric:
Description of approach to identifying and addressing data security risks in products
Disclosure:
We hold ourselves accountable for resolution of security and privacy incidents. When issues arise with Cisco’s solutions, our global Product Security Incident Response Team (PSIRT) responds swiftly, using a playbook with documented resolution procedures. When security or privacy incidents occur, our Computer Security Incident Response Team (CSIRT) and/or our Data Privacy and Incident Response (DPIR) team kick into gear. These teams perform comprehensive incident investigation, remediation, and prevention through threat assessment and detection, mitigation planning, incident trend analysis, and security architecture review.
Topic: Employee Engagement, Diversity & Inclusion
SASB code:
TC-HW-330a.1
SASB accounting metric:
Percentage of gender and racial/ethnic group representation for (1) management, (2) technical staff, and (3) all other employees
Percentage of products by revenue that contain IEC 62474 declarable substances
Disclosure:
Cisco has policies and procedures in place regarding materials regulated by global product-related environmental laws and regulations and/or our customers. In accordance with Cisco Policies, IEC 62474 declarable substances are restricted by Cisco in accordance with applicable requirements and timeframes, and/or substances which Cisco expects suppliers to reduce and phase out, as technically and environmentally sound alternatives become available.
The majority of our electronic products may contain small amounts of IEC 62474 declarable substances such as lead. Lead is restricted in delivered products in accordance with applicable requirements and timeframes. It may be contained in permitted applications/uses under Restriction of Hazardous Substances (RoHS) legislation.
Read about Cisco’s position regarding relevant product-related Materials, Battery & Packaging legislation under Materials (e.g., RoHS; Registration, Evaluation, Authorization, and Restriction of Chemicals (REACH)) and Waste Electrical and Electronic Equipment (WEEE), Battery & Packaging Compliance. Additionally, Cisco recognizes the power of collective action. We collaborate with peer companies and other stakeholders, and participate in coalitions and initiatives, to promote common regulatory and industry approaches. Cisco participates in IEC 62474 Americas region Validation Team.
Topic: Product Lifecycle Management
SASB code:
TC-HW-410a.2
SASB accounting metric:
Percentage of eligible products, by revenue, meeting the requirements for EPEAT registration or equivalent
Disclosure:
3.2%
Note: We followed the same methodology as used in FY22 to calculate our FY23 metrics. We expect these numbers to continue to fluctuate as we improve our methodology to accurately estimate all values going forward.
Topic: Product Lifecycle Management
SASB code:
TC-HW-410a.3
SASB accounting metric:
Percentage of eligible products, by revenue, meeting ENERGY STAR® criteria
Disclosure:
6.0%
Note: We followed the same methodology as used in FY22 to calculate our FY23 metrics. We expect these numbers to continue to fluctuate as we improve our methodology to accurately estimate all values going forward.
Topic: Product Lifecycle Management
SASB code:
TC-HW-410a.4
SASB accounting metric:
Weight of end-of-life products and e-waste recovered; percentage recycled
Disclosure:
FY23: 10,213 metric tonne Total materials, metric tonne (Total weight of reused, recycled, and landfilled material.)
FY23: 87.7% Returned material sent to recycle, percent (All remaining electronic waste materials, including plastics, precious, and nonprecious metals, are shredded and recycled by our contracted e-scrap recyclers.)
Topic: Supply Chain Management
SASB code:
TC-HW-430a.1
SASB accounting metric:
Percentage of Tier 1 supplier facilities audited in the RBA Validated Audit Process (VAP) or equivalent, by (a) all facilities and (b) high-risk facilities
Disclosure:
We require regular audits of manufacturing partners every two years.
In fiscal 2023, we audited at least 50 percent of component supplier facilities that were deemed high risk according to our annual risk assessment process.
Topic: Supply Chain Management
SASB code:
TC-HW-430a.2
SASB accounting metric:
Tier 1 Manufacturing partner and component suppliers' (1) number of non-conformance findings in rate with the RBA Validated Audit Program (VAP) or equivalent, and (2) associated corrective action closure rate for (a) priority non-conformances and (b) other major non-conformances
Description of the management of risks associated with the use of critical materials
Disclosure:
Cisco’s Partner Business Continuity Plan program is a collaborative effort that allows our suppliers to provide and identify business continuity data about their manufacturing site locations and recovery capabilities (alternate production capabilities and recovery times for sites and specific components) and are assessed against a Cisco Business Continuity Plan standard to gauge the quality and resiliency levels of the sites.
The information allows Cisco to identify vulnerabilities that may exist in the overall supply chain. Cisco can proactively direct resources to prioritize and develop mitigation plans and procedures in those areas of opportunity through continuous improvement practices. Examples include supplier financial risk assessments, product standardization, Business Continuity Plan compliance, dual-sourcing, diversification, and buffer-inventory. In a major disruption, this data provides Cisco with the information required to assess potential impact and enable quick response to ensure minimal impact to our customers.