Case study: How Cybercom promotes ethical business behaviour
Cybercom is an IT consulting company enabling companies and organisations to benefit from the opportunities of the connected world and enhance their competitiveness, through innovative and sustainable solutions. Cybercom complies with the Swedish Anti-Corruption Institute’s Code of Gifts, Rewards and other Benefits in Business and works actively to combat corruption and unethical practices, making sure that every employee acts legally and appropriately in relation to Cybercom’s stakeholders.
This case study is based on the 2019 Sustainability Report by Cybercom published on the Global Reporting Initiative Sustainability Disclosure Database that can be found at this link. Through all case studies we aim to demonstrate what CSR/ ESG/ sustainability reporting done responsibly means. Essentially, it means: a) identifying a company’s most important impacts on the environment, economy and society, and b) measuring, managing and changing.
Abstract
Cybercom seeks to make sure that high ethical standards characterise every aspect of its business and operations Tweet This!, is opposed to any form of money laundering, and takes the relevant measures to prevent financial transactions that are of criminal intent. In order to promote ethical business behaviour Cybercom took action to:
- implement a Code of Business Ethics and Conduct
- promote information security and data protection
- implement a Suppliers’ Code of Conduct
Subscribe for free and read the rest of this case study
Please subscribe to the SustainCase Newsletter to keep up to date with the latest sustainability news and gain access to over 2000 case studies. These case studies demonstrate how companies are dealing responsibly with their most important impacts, building trust with their stakeholders (Identify > Measure > Manage > Change).
With this case study you will see:
- Which are the most important impacts (material issues) Cybercom has identified;
- How Cybercom proceeded with stakeholder engagement, and
- What actions were taken by Cybercom to promote ethical business behaviour
Already Subscribed? Type your email below and click submit
What are the material issues the company has identified?
In its 2019 Sustainability Report Cybercom identified a range of material issues, such as financial stability, sustainable products and services, smart use of resources, information security. Among these, promoting ethical business behaviour stands out as a key material issue for Cybercom.
Stakeholder engagement in accordance with the GRI Standards
The Global Reporting Initiative (GRI) defines the Principle of Stakeholder Inclusiveness when identifying material issues (or a company’s most important impacts) as follows:
Stakeholders must be consulted in the process of identifying a company’s most important impacts and their reasonable expectations and interests must be taken into account. This is an important cornerstone for CSR / sustainability reporting done responsibly.
Key stakeholder groups Cybercom engages with:
To identify and prioritise material topics Cybercom engaged with its stakeholders through the following channels:
| Stakeholder Group | Method of engagement |
| Clients
| · Ongoing dialogue via Cybercom’s key account managers and other sales representatives and consultants · Client surveys · Interviews |
| Employees
| · Biweekly “pulse checks” · Interviews · Ongoing engagement |
| Investors and owners
| · Annual general meeting · Board work · Interviews |
| Suppliers | · Suppliers’ Code of Conduct |
What actions were taken by Cybercom to promote ethical business behaviour?
In its 2019 Sustainability Report Cybercom reports that it took the following actions for promoting ethical business behaviour:
- Implementing a Code of Business Ethics and Conduct
- Cybercom’s Code of Business Ethics and Conduct applies to all employees and sets standards for employee professionalism and integrity. All employees complete web-based training sessions aimed at preventing corruption, based on the Code of Business Ethics and Conduct and containing various possible dilemmas on which employees must take a position. In 2019, Cybercom also used a whistle-blower channel for anonymous reporting of violations of the Code of Business Ethics and Conduct. Reports were dealt with by an external party. During the year, there were no cases of corrupt conduct or discrimination reported.
- Promoting information security and data protection
- Cybercom works systematically with information security, based on the company’s information security and data protection policy. The work is aimed at protecting Cybercom against intentional and unintentional threats and complying with applicable laws, regulations and the requirements and expectations of employees and clients. When GDPR (General Data Protection Regulation) went into full effect in 2018, Cybercom implemented a new security organisation and new policies and instructions to ensure compliance and raise the level of protection. Skills transfer and the exchange of experience among Cybercom’s internal security organisation and Cybercom’s IT secure business area were reinforced during the year, and are creating added value for Cybercom and its clients. In 2019, Cybercom had no cases of loss of client data.
- Implementing a Suppliers’ Code of Conduct
- All Cybercom suppliers must sign Cybercom’s Suppliers’ Code of Conduct, which aligns with the Cybercom Code of Business Ethics and Conduct in all material respects, including environmental guidelines. Thus, the Suppliers’ Code of Conduct covers the same areas as Cybercom’s internal Code of Business Ethics and Conduct – except for financial reporting and external communication. Both Cybercom’s internal Code of Business Ethics and Conduct and the Suppliers’ Code of Conduct are available on cybercom.com.
Which GRI Standards and corresponding Sustainable Development Goals (SDGs) have been addressed?
The GRI Standards addressed in this case are:
1) Disclosure 205-2 Communication and training about anti-corruption policies and procedures
2) Disclosure 205-3 Confirmed incidents of corruption and actions taken
Disclosure 205-2 Communication and training about anti-corruption policies and procedures corresponds to:
- Sustainable Development Goal (SDG) 16: Peace, Justice and Strong Institutions
- Targets: 16.5
Disclosure 205-3 Confirmed incidents of corruption and actions taken corresponds to:
- Sustainable Development Goal (SDG) 16: Peace, Justice and Strong Institutions
- Targets: 16.5
Disclosure 418-1 Substantiated complaints concerning breaches of customer privacy and losses of customer data corresponds to:
- Sustainable Development Goal (SDG) 16: Peace, Justice and Strong Institutions
- Targets: 16.3, 16.10
78% of the world’s 250 largest companies report in accordance with the GRI Standards
SustainCase was primarily created to demonstrate, through case studies, the importance of dealing with a company’s most important impacts in a structured way, with use of the GRI Standards. To show how today’s best-run companies are achieving economic, social and environmental success – and how you can too.
Research by well-recognised institutions is clearly proving that responsible companies can look to the future with optimism.
7 GRI sustainability disclosures get you started
Any size business can start taking sustainability action
GRI, IEMA, CPD Certified Sustainability courses (2-5 days): Live Online or Classroom (venue: London School of Economics)
- Exclusive FBRH template to begin reporting from day one
- Identify your most important impacts on the Environment, Economy and People
- Formulate in group exercises your plan for action. Begin taking solid, focused, all-round sustainability action ASAP.
- Benchmarking methodology to set you on a path of continuous improvement
See upcoming training dates.
References:
1) This case study is based on published information by Cybercom, located at the link below. For the sake of readability, we did not use brackets or ellipses. However, we made sure that the extra or missing words did not change the report’s meaning. If you would like to quote these written sources from the original, please revert to the original on the Global Reporting Initiative’s Sustainability Disclosure Database at the link:
http://database.globalreporting.org/
2) https://www.globalreporting.org/standards/gri-standards-download-center/
Note to Cybercom: With each case study we send out an email requesting a comment on this case study. If you have not received such an email please contact us.