Communication on Progress

Symantec FY19 Communication on Progress

Participant
Published
  • 03-Dec-2019
Time period
  • April 2018  –  March 2019
Files
Format
  • Part of a sustainability or corporate (social) responsibility report
Differentiation Level
  • This COP qualifies for the Global Compact Advanced level
Self-assessment
  • Includes a CEO statement of continued support for the UN Global Compact and its ten principles
  • Description of actions or relevant policies related to Human Rights
  • Description of actions or relevant policies related to Labour
  • Description of actions or relevant policies related to Environment
  • Description of actions or relevant policies related to Anti-Corruption
  • Includes a measurement of outcomes
  • Meets all criteria for the GC Advanced level
Verification
and Transparency
  • How is the accuracy and completeness of information in your COP assessed by a credible third-party?

  • The COP describes any action(s) that the company plans to undertake by its next COP to have the credibility of the information in its COP externally assessed, including goals, timelines, metrics, and responsible staff

  • Information is reviewed by multiple stakeholders (e.g., representatives of groups prioritized in stakeholder analysis)

  • Other established or emerging best practices

    The report meets GRI standards. Our GHG Data is verified by a 3rd party. We work closely with external consultants on our report and involved internal business owners when developing the text. All text is approved prior to publication.

  • Information is reviewed by a panel of peers (e.g., members of the same industry, competitors, benchmarked leaders, others organized via Global Compact Local Network)

  • Information is assured by independent assurors (e.g., accounting or consulting firm) using their own proprietary methodology

  • Information is assured by independent assurors (e.g., accounting or consulting firm) against recognized assurance standard (e.g., ISAE3000, AA1000AS, other national or industry-specific standard)

 
  • The COP incorporates the following high standards of transparency and disclosure:

  • Is 'in accordance - core' with GRI Standards

  • Provides information on the company’s profile and context of operation

  • Applies the GRI Sustainability Reporting Guidelines or the GRI Standards

  • Is 'in accordance - comprehensive' with GRI Standards

  • Applies elements of the International Integrated Reporting Framework

Strategy, Governance
and Engagement
  • Criterion 2: The COP describes value chain implementation

  • Communicate policies and expectations to suppliers and other relevant business partners

  • Implement monitoring and assurance mechanisms (e.g. audits/screenings) for compliance within the company’s sphere of influence

  • Undertake awareness-raising, training and other types of capacity building with suppliers and other business partners

  • Other established or emerging best practices

    Symantec promotes high ethical standards for human rights, environmental protections, and responsible business practices in our own operations and throughout our supply chain.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Analyze each segment of the value chain carefully, both upstream and downstream, when mapping risks, opportunities and impacts

  • Criterion 1: The COP describes mainstreaming into corporate functions and business units

  • Place responsibility for execution of sustainability strategy in relevant corporate functions (procurement, government affairs, human resources, legal, etc) ensuring that no function is conflicting with company sustainability commitments and objectives

  • Assign responsibility for corporate sustainability implementation to an individual or group within each business unit and subsidiary

  • Other established or emerging best practices

    We consider the security of information central to our corporate responsibility approach. We believe that integrating responsibility into every aspect of our business helps us achieve our company mission.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Align strategies, goals and incentive structures of all business units and subsidiaries with corporate sustainability strategy

  • Design corporate sustainability strategy to leverage synergies between and among issue areas and to deal adequately with trade-offs

  • Ensure that different corporate functions coordinate closely to maximize performance and avoid unintended negative impacts

Human Rights
  • Criterion 4: The COP describes effective management systems to integrate the human rights principles

  • Internal awareness-raising and training on human rights for management and employees

  • Allocation of responsibilities and accountability for addressing human rights impacts

  • Other established or emerging best practices

    Symantec conducted over 12 assessments to engage our Tier 1 physical product suppliers on human rights, conflict minerals. In FY19 Symantec were members of the RBA. Symantec employees underwent annual ethics training which included Human Rights Aspects

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Process to ensure that internationally recognized human rights are respected

  • On-going due diligence process that includes an assessment of actual and potential human rights impacts (BRE 2 + BRE 3 + ARE 2 + ARE 3)

  • Operational-level grievance mechanisms for those potentially impacted by the company’s activities (BRE 4 + ARE 4)

  • Internal decision-making, budget and oversight for effective responses to human rights impacts

  • Processes to provide for or cooperate in the remediation of adverse human rights impacts that the company has caused or contributed to (BRE 3+ BRE 4 + ARE3 + ARE 4)

  • Process and programs in place to support human rights through: core business; strategic philanthropic/social investment; public policy engagement/advocacy; partnerships and/or other forms of collective action (BRE 6 + ARE 6)

  • Criterion 3: The COP describes robust commitments, strategies or policies in the area of human rights

  • Commitment to comply with all applicable laws and respect internationally recognized human rights, wherever the company operates (e.g., the Universal Declaration of Human Rights, Guiding Principles on Human Rights) (BRE1 + ARE1)

  • Statement of policy publicly available and communicated internally and externally to all personnel, business partners and other relevant parties (BRE 1 + BRE 5 + ARE 1 + ARE 5)

  • Other established or emerging best practices

    At Symantec, managing the social impacts of our products means making sure all people have the ability to keep their data secure and to protect themselves from cyber threats. We believe privacy and freedom of expression are fundamental human rights.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Integrated or stand-alone statement of policy expressing commitment to respect and support human rights approved at the most senior level of the company (BRE 1 + BRE5 + ARE 1 + ARE 5)

  • Statement of policy stipulating human rights expectations of personnel, business partners and other parties directly linked to operations, products or services (BRE 1)

  • Criterion 5: The COP describes effective monitoring and evaluation mechanisms of human rights integration

  • System to monitor the effectiveness of human rights policies and implementation with quantitative and qualitative metrics, including in the supply chain (BRE3 + ARE3)

  • Other established or emerging best practices

    In FY19 Symantec were members of RBA, we assessed our supply chain for human rights aspects, we also used the Dun and Bradstreet process to asses supplier risk in human trafficking. We asked our suppliers to take human rights traning.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Monitoring draws from internal and external feedback, including affected stakeholders

  • Leadership review of monitoring and improvement results

  • Process to deal with incidents the company has caused or contributed to for internal and external stakeholders (BRE 4 + ARE 4)

  • Grievance mechanisms that are legitimate, accessible, predictable, equitable, transparent, rights-compatible, a source of continuous learning, and based on engagement and dialogue (BRE4 + ARE4)

  • Outcomes of integration of the human rights principles

Labour
  • Criterion 8: The COP describes effective monitoring and evaluation mechanisms of labour principles integration

  • System to track and measure performance based on standardized performance metrics

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Dialogues with the representative organization of workers to regularly review progress made and jointly identify priorities for the future

  • Audits or other steps to monitor and improve the working conditions of companies in the supply chain, in line with principles of international labour standards

  • Process to positively engage with the suppliers to address the challenges (i.e., partnership approach instead of corrective approach) through schemes to improve workplace practices

  • Outcomes of integration of the Labour principles

  • Other established or emerging best practices

  • Criterion 6: The COP describes robust commitments, strategies or policies in the area of labour

  • Specific commitments and Human Resources policies, in line with national development priorities or decent work priorities in the country of operation

  • Structural engagement with a global union, possibly via a Global Framework Agreement

  • Other established or emerging best practices

    See pages 11, 12, 13, 14 which outline Symantec's approach to Culture and Inculsion, Talent and Diversity.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Reference to principles of relevant international labour standards (ILO Conventions) and other normative international instruments in company policies

  • Reflection on the relevance of the labour principles for the company

  • Written company policy to obey national labour law, respect principles of relevant international labour standards in worldwide company operations and engage in dialogue with representative organization of the workers (international, sectoral, national).

  • Inclusion of reference to the principles contained in the relevant international labour standards in contracts with suppliers and other relevant business partners

  • Participation and leadership by employers’ organizations (international and national) to jointly address challenges related to labour standards in the countries of operation, possibly in a tripartite approach (business – trade union – government).

  • Criterion 7: The COP describes effective management systems to integrate the labour principles

  • Allocation of responsibilities and accountability within the organization

  • Other established or emerging best practices

    Symantec have designated teams in place to manage culture, inclusion and diversity.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Risk and impact assessments in the area of labour

  • Dialogue mechanism with trade unions to regularly discuss and review company progress in addressing labour standards

  • Internal awareness-raising and training on the labour principles for management and employees

  • Active engagement with suppliers to address labour-related challenges

  • Grievance mechanisms, communication channels and other procedures (e.g., whistleblower mechanisms) available for workers to report concerns, make suggestions or seek advice, designed and operated in line with the representative organization of workers

Environment
  • Criterion 10: The COP describes effective management systems to integrate the environmental principles

  • Environmental risk and impact assessments

  • Assessments of lifecycle impact of products, ensuring environmentally sound management policies

  • Allocation of responsibilities and accountability within the organisation

  • Internal awareness-raising and training on environmental stewardship for management and employees

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Grievance mechanisms, communication channels and other procedures (e.g. whistleblower mechanisms) for reporting concerns or seeking advice regarding environmental impacts

  • Other established or emerging best practices

  • Criterion 9: The COP describes robust commitments, strategies or policies in the area of environmental stewardship

  • Reflection on the relevance of environmental stewardship for the company

  • Written company policy on environmental stewardship

  • Inclusion of minimum environmental standards in contracts with suppliers and other relevant business partners

  • Specific commitments and goals for specified years

  • Other established or emerging best practices

    In FY19 Symantec set Science Based Targets which were approved and published. Symantec also committed to the Ireland Low Carbon Pledge and The US Step Up Declaration.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Reference to relevant international conventions and other international instruments (e.g. Rio Declaration on Environment and Development)

  • Criterion 11: The COP describes effective monitoring and evaluation mechanisms for environmental stewardship

  • Leadership review of monitoring and improvement results

  • Process to deal with incidents

  • Other established or emerging best practices

    See the World Section of the FY19 CR Report

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • System to track and measure performance based on standardized performance metrics

  • Audits or other steps to monitor and improve the environmental performance of companies in the supply chain

  • Outcomes of integration of the environmental principles

Anti-Corruption
  • Criterion 14: The COP describes effective monitoring and evaluation mechanisms for the integration of anti-corruption

  • Leadership review of monitoring and improvement results (D12)

  • Process to deal with incidents (D13)

  • Use of independent external assurance of anti-corruption programmes (D15)

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Public legal cases regarding corruption (D14)

  • Outcomes of integration of the anti-corruption principle

  • Other established or emerging best practices

  • Criterion 12: The COP describes robust commitments, strategies or policies in the area of anti-corruption

  • Publicly stated formal policy of zero-tolerance of corruption (D1)

  • Commitment to be in compliance with all relevant anti-corruption laws, including the implementation of procedures to know the law and monitor changes (B2)

  • Statement of support for international and regional legal frameworks, such as the UN Convention against Corruption (D2)

  • Detailed policies for high-risk areas of corruption (D4)

  • Policy on anti-corruption regarding business partners (D5)

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Other established or emerging best practices

  • Criterion 13: The COP describes effective management systems to integrate the anti-corruption principle

  • Support by the organization’s leadership for anti-corruption (B4)

  • Carrying out risk assessment of potential areas of corruption (D3)

  • Human Resources procedures supporting the anti-corruption commitment or policy, including communication to and training for all employees (B5 + D8)

  • Internal checks and balances to ensure consistency with the anti-corruption commitment (B6)

  • Actions taken to encourage business partners to implement anti-corruption commitments (D6)

  • Management responsibility and accountability for implementation of the anti-corruption commitment or policy (D7)

  • Communications (whistleblowing) channels and follow-up mechanisms for reporting concerns or seeking advice (D9)

  • Internal accounting and auditing procedures related to anticorruption (D10)

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Other established or emerging best practices

UN Goals and Issues
  • Criterion 15: The COP describes core business contributions to UN goals and issues

  • Align core business strategy with one or more relevant UN goals/issues

  • Develop relevant products and services or design business models that contribute to UN goals/issues

  • Other established or emerging best practices

    Managing the social impacts of our products means making sure all people have the ability to keep their data secure and to protect themselves from cyber threats. We believe privacy and freedom of expression are fundamental human rights.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Adopt and modify operating procedures to maximize contribution to UN goals/issues

  • Criterion 16: The COP describes strategic social investments and philanthropy

  • Pursue social investments and philanthropic contributions that tie in with the core competencies or operating context of the company as an integrated part of its sustainability strategy

  • Other established or emerging best practices

    See pages 5, 6, 9, 10 of the CR report for examples of strategic socila investments and phulanthrophy

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Coordinate efforts with other organizations and initiatives to amplify—and not negate or unnecessarily duplicate—the efforts of other contributors

  • Take responsibility for the intentional and unintentional effects of funding and have due regard for local customs, traditions, religions, and priorities of pertinent individuals and groups

  • Criterion 17: The COP describes advocacy and public policy engagement

  • Publicly advocate the importance of action in relation to one or more UN goals/issues

  • Other established or emerging best practices

    See page 25 of the FY19 CR report which outlines our involvement in advocacy and public policy engagement.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Commit company leaders to participate in key summits, conferences, and other important public policy interactions in relation to one or more UN goals/issues

  • Criterion 18: The COP describes partnerships and collective action

  • Join industry peers, UN entities and/or other stakeholders in initiatives contributing to solving common challenges and dilemmas at the global and/or local levels with an emphasis on initiatives extending the company’s positive impact on its value chain

  • Other established or emerging best practices

    See page 25 of the FY19 CR report which outlines our involvement in advocacy and public policy engagement.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Develop and implement partnership projects with public or private organizations (UN entities, government, NGOs, or other groups) on core business, social investments and/or advocacy

Governance
  • Criterion 19: The COP describes CEO commitment and leadership

  • Other established or emerging best practices

    See page 2 of the FY19 CR report, this year our EVP, General Counsel and Secretary expressed committment on behalf of the leadership team, in fY19 Symantec had an intrim CEO.

  • CEO leads executive management team in development of corporate sustainability strategy, defining goals and overseeing implementation

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • CEO publicly delivers explicit statements and demonstrates personal leadership on sustainability and commitment to the UN Global Compact

  • CEO promotes initiatives to enhance sustainability of the company’s sector and leads development of industry standards

  • Make sustainability criteria and UN Global Compact principles part of goals and incentive schemes for CEO and executive management team

  • Criterion 20: The COP describes Board adoption and oversight

  • Board (or committee), where permissible, approves formal reporting on corporate sustainability (Communication on Progress)

  • Other established or emerging best practices

    See page 16 of the FY19 CR report, and page 25 governance structure for details on baord adoption and oversite.

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Board of Directors (or equivalent) assumes responsibility and oversight for long-term corporate sustainability strategy and performance

  • Board establishes, where permissible, a committee or assigns an individual board member with responsibility for corporate sustainability.

  • Criterion 21: The COP describes stakeholder engagement

  • Define sustainability strategies, goals and policies in consultation with key stakeholders

  • Establish channels to engage with employees and other stakeholders to hear their ideas and address their concerns

  • Other established or emerging best practices

    Throughout the report there are examples of how Symantec engaged stakeholders in various areas, for example, environmental campaigns and employee resource groups

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to fulfill this criterion, including goals, timelines, metrics, and responsible staff

  • Publicly recognize responsibility for the company’s impacts on internal and external stakeholders

  • Consult stakeholders in dealing with implementation dilemmas and challenges and invite them to take active part in reviewing performance

Women's Empowerment
  • The COP describes policies and practices related to supporting women's empowerment and advancing gender equality in the marketplace

  • Supplier diversity programme

  • Support for women business owners and women entrepreneurs

  • Gender-sensitive marketing

  • Other established or emerging best practices

    in FY19 Symantec joined the Reboot Representation Tech Coalition, a collaborative effort with a goal to double the number of underrepresented womenof color (black, Latina, and Native American) graduating with computing degrees by 2025.

  • Composition of supplier base by sex

  • Supplier monitoring and engagement on women's empowerment and gender equality including promotion of the Women's Empowerment Principles to suppliers

  • Gender-sensitive product and service development

  • No practice for this criterion has been reported

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to address this area, including goals, timelines, metrics, and responsible staff

  • The COP describes policies and practices related to supporting women's empowerment and advancing gender equality in the community

  • Ensuring female beneficiaries of community programmes

  • Community initiatives specifically targeted at the empowerment of women and girls

  • Strategies to ensure that community investment projects and programmes (including economic, social and environmental) positively impact women and girls

  • Strategies to ensure that community investment projects and programmes (including economic, social and environmental) include the full participation of women and girls

  • Other established or emerging best practices

    In partnership with Pivotal Ventures (the executive office of Melinda Gates), Adobe, Intel, Salesforce, and others, the Coalition has committed $12 million to efforts that engage underrepresented women of color directly.

  • Designing community stakeholder engagements that are free of gender discrimination/stereotyping and sensitive to gender issues

  • Gender impact assessments or consideration of gender-related impacts as part of its social and/or human rights impact assessments

  • No practice for this criterion has been reported

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to address this area, including goals, timelines, metrics, and responsible staff

  • The COP contains or refers to sex-disaggregated data

  • Achieving and maintaining gender equality in senior management and board positions

  • Achieving and maintaining gender equality in middle management positions

  • Equal pay for work of equal value

  • Flexible work options

  • Access to child and dependent care

  • Support for pregnant women and those returning from maternity leave

  • Recruitment and retention, including training and development, of female employees

  • Education and training opportunities for women workers

  • Creating and maintaining workplace awareness of gender equality and, inclusion and non-discrimination for all workers

  • Mentoring and sponsorship opportunities for women workers

  • Other established or emerging best practices

    Page 14 of the FY19 CR report gives data on Workforce Diversity. Page 18, performance tables give more detailed data at various levels.

  • Gender-specific health and safety issues

  • Gender-based violence and harassment

  • No practice for this criterion has been reported

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to address this area, including goals, timelines, metrics, and responsible staff

  • The COP describes policies and practices related to supporting women's empowerment and advancing gender equality in the workplace

  • Achieving and maintaining gender equality in senior management and board positions

  • Achieving and maintaining gender equality in middle management positions

  • Equal pay for work of equal value

  • Flexible work options

  • Access to child and dependent care

  • Support for pregnant women and those returning from maternity leave

  • Recruitment and retention, including training and development, of female employees

  • Gender-specific health and safety issues

  • Gender-based violence and harassment

  • Education and training opportunities for women workers

  • Creating and maintaining workplace awareness of gender equality and, inclusion and non-discrimination for all workers

  • Mentoring and sponsorship opportunities for women workers

  • Other established or emerging best practices

    The culture and inclusion, talent and diversity section of the FY19 CR report give examples of how Symantec is supporting women's empowerment and advancing gender equaity.

  • No practice for this criterion has been reported

  • Any relevant policies, procedures, and activities that the company plans to undertake by its next COP to address this area, including goals, timelines, metrics, and responsible staff

Sustainable Development Goals
  • Which of the following Sustainable Development Goals (SDGs) do the activities described in your COP address? [Select all that apply]

  • SDG 1: End poverty in all its forms everywhere

  • SDG 2: End hunger, achieve food security and improved nutrition and promote sustainable agriculture

  • SDG 3: Ensure healthy lives and promote well-being for all at all ages

  • SDG 4: Ensure inclusive and equitable quality education and promote lifelong learning opportunities for all

  • SDG 5: Achieve gender equality and empower all women and girls

  • SDG 6: Ensure availability and sustainable management of water and sanitation for all

  • SDG 7: Ensure access to affordable, reliable, sustainable and modern energy for all

  • SDG 8: Promote sustained, inclusive and sustainable economic growth, full and productive employment and decent work for all

  • SDG 9: Build resilient infrastructure, promote inclusive and sustainable industrialization and foster innovation

  • SDG 10: Reduce inequality within and among countries

  • SDG 11: Make cities and human settlements inclusive, safe, resilient and sustainable

  • SDG 12: Ensure sustainable consumption and production patterns

  • SDG 13: Take urgent action to combat climate change and its impacts

  • SDG 14: Conserve and sustainably use the oceans, seas and marine resources for sustainable development

  • SDG 15: Protect, restore and promote sustainable use of terrestrial ecosystems, sustainably manage forests, combat desertification, and halt and reverse land degradation and halt biodiversity loss

  • SDG 16: Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels

  • SDG 17: Strengthen the means of implementation and revitalize the global partnership for sustainable development

  • With respect to your company’s actions to advance the Sustainable Development Goals (SDGs), the COP describes: [Select all that apply]

  • Opportunities and responsibilities that one or more SDGs represent to our business

  • Where the company’s priorities lie with respect to one or more SDGs

  • Goals and indicators set by our company with respect to one or more SDGs

  • How one or more SDGs are integrated into the company’s business model

  • The (expected) outcomes and impact of your company’s activities related to the SDGs

  • If the companies' activities related to the SDGs are undertaken in collaboration with other stakeholders

  • Other established or emerging best practices

    Throughout the CR Report we describe our approach to advancement of the specific SDG's relevant to our business.