The case for CSR/ Sustainability Reporting Done Responsibly


IDENTIFY - MEASURE - MANAGE - CHANGE

Insights on how you can protect the environment, maintain and increase the value of your company, through a structured process.

Insights on how you can protect the environment, maintain and increase the value of your company, through a structured process.

Home / case studies / Case study: How Axis protects customer privacy

Case study: How Axis protects customer privacy

As an industry leader in network video with a global market presence, offering products and services for video surveillance, access control and audio systems, as well as video analytics, distributed across the globe through a broad network of partners and its own global operations, Axis constantly works and invests in different measures to achieve the best possible security in its products and solutions, safeguarding customers’ privacy. 

This case study is based on the 2017 Annual and Sustainability Report by Axis published on the Global Reporting Initiative Sustainability Disclosure Database that can be found at this link. Through all case studies we aim to demonstrate what CSR/ ESG/ sustainability reporting done responsibly means. Essentially, it means: a) identifying a company’s most important impacts on the environment, economy and society, and b) measuring, managing and changing.

Layout 1Abstract

For Axis and its partners it is extremely important that customer privacy is handled properly  Tweet This!, ensuring effective security with the aim of protecting customer information. In order to protect customer privacy Axis took action to:
  • focus on IT security
  • work preventively to protect customer information
  • provide training
  • deal with vulnerabilities and incidents

What are the material issues the company has identified?

In its 2017 Annual and Sustainability Report Axis identified a range of material issues, such as customer satisfaction, anti-corruption, carbon footprint, occupational health and safety, human rights and working conditions in the supply chain. Among these, protecting customer privacy stands out as a key material issue for Axis.

Stakeholder engagement in accordance with the GRI Standards              

The Global Reporting Initiative (GRI) defines the Principle of Stakeholder Inclusiveness when identifying material issues (or a company’s most important impacts) as follows:

“The reporting organization shall identify its stakeholders, and explain how it has responded to their reasonable expectations and interests.”

Stakeholders must be consulted in the process of identifying a company’s most important impacts and their reasonable expectations and interests must be taken into account. This is an important cornerstone for CSR / sustainability reporting done responsibly.

Key stakeholder groups Axis engages with:

Stakeholder Group                Method of engagement
Employees

 

 

 

 

·      Web survey with all employees in companies acquired in 2016

·      Employee survey

·      Performance reviews

·      Continual dialogue with trade unions

·      In-depth interviews about Axis’ sustainability work

·      Intranet, meetings etc.

Distributors and partners

 

 

·      Web-based survey with distributors and partners in all regions where Axis has operations

·      Training

·      Webinars

·      events

·      In-depth interview about Axis’ sustainability work

·      Newsletters etc.

End customers

 

·      Continuous evaluations

·      Newsletters

Suppliers

 

·      In-depth interviews about Axis’ sustainability work

·      Training

·      Webinars

·      Supplier audits

Investors and owners

 

·      Meetings

·      Board meetings

·      Interim reports

·      Annual report

·      Annual general meeting

·      Interview about Axis’ sustainability work

Society

 

·      In-depth interviews about Axis’ sustainability work with representatives from local authorities and trade associations

·      Membership of local and international trade associations

·      Collaboration with universities

·      Trade exhibitions and other activities for students

How stakeholder engagement was made to identify material issues

To identify and prioritise material topics Axis engaged with its stakeholders through a web survey, in-depth interviews and further dialogues in the form of employee surveys, satisfaction surveys, customer meetings, discussions and various types of collaboration.

What actions were taken by Axis to protect customer privacy?

In its 2017 Annual and Sustainability Report Axis reports that it took the following actions for protecting customer privacy:

  • Focusing on IT security
  • Axis has further increased its focus on IT security and works on this issue both internally and externally. Questions regarding IT security have also gained a more prominent role in Axis’ dialogue with distributors and partners. Additionally, Axis has started work on becoming certified according to the ISO27001 information security standard.
  • Working preventively to protect customer information
  • Axis works preventively and tries to eliminate all types of vulnerability before an incident is likely to occur, regardless of whether it concerns the vulnerability of an individual camera or of a larger solution. Accordingly, Axis carries out regular checks and evaluations to make sure customer information is handled and stored securely, and works continually to further improve security. Additionally, Axis’ research and development department attaches the highest priority to security and makes every effort to ensure software and interfaces are robust, with a high level of safety. Axis’ products and solutions support encryption and IP address filtering, and enable user authorisation protection and multi-stage logins.
  • Providing training
  • Axis trains its partners through seminars and workshops, and has additionally produced instructional materials. Axis also offers targeted training to its installers, to make sure video surveillance system installations are as safe as possible. In addition, at Axis’ partner meetings, questions about customer privacy and IT security in Axis’ products are continually discussed.
  • Dealing with vulnerabilities and incidents
  • Axis deals immediately with questions relating to customer privacy and personal integrity, and takes them extremely seriously. During 2017 Axis published six security bulletins, owing to the detection of vulnerabilities that had an impact on various products and solutions. Such publications, along with software updates to correct the problem, occur immediately when Axis discovers vulnerabilities.

Which GRI Standards and corresponding Sustainable Development Goals (SDGs) have been addressed?

The GRI Standard addressed in this case is:

Disclosure 418-1 Substantiated complaints concerning breaches of customer privacy and losses of customer data

Disclosure 418-1 Substantiated complaints concerning breaches of customer privacy and losses of customer data corresponds to:

  • Sustainable Development Goal (SDG) 16: Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels
  • Business theme: Compliance with laws and regulations, Protection of privacy

 

80% of the world’s 250 largest companies report in accordance with the GRI Standards

SustainCase was primarily created to demonstrate, through case studies, the importance of dealing with a company’s most important impacts in a structured way, with use of the GRI Standards. To show how today’s best-run companies are achieving economic, social and environmental success – and how you can too.

Research by well-recognised institutions is clearly proving that responsible companies can look to the future with optimism.



FBRH GRI Standards Certified and IEMA approved Sustainability Course | Venue: London LSE

By registering for the next 2-day FBRH GRI-Standards Certified and IEMA approved Course you will be taking the first step in gaining the many benefits of sustainability reporting.

 

References:

1) This case study is based on published information by Axis, located at the link below. For the sake of readability, we did not use brackets or ellipses. However, we made sure that the extra or missing words did not change the report’s meaning. If you would like to quote these written sources from the original, please revert to the original on the Global Reporting Initiative’s Sustainability Disclosure Database at the link:

http://database.globalreporting.org/

2) https://www.globalreporting.org/standards/gri-standards-download-center/

Note to Axis: With each case study we send out an email requesting a comment on this case study. If you have not received such an email please contact us.

X