Policy, Program and Procedures

  • 1.  Vendor Code of Conduct Policy

    This message was posted by a user wishing to remain anonymous
    Posted 24 days ago
    This message was posted by a user wishing to remain anonymous

    Good Morning

    I need to build a "vendor" code of conduct policy and can use some assistance re what are the requirements/principles for a Vendor code of Conduct policy, what are the components to be included in this type of policy.  I understand thru some discussions that it is not the same as an internal Code of conduct that you sign when joining an organization.  I thought it would be.

    Also, in practice, how is compliance enforced when we are talking about issues such as specific ethical principles?

    Should this be incorporated into vendor contracts in some manner?

    Any help, advice, sets of principles, formats, etc will be appreciated

    Thank you


  • 2.  RE: Vendor Code of Conduct Policy

    Posted 24 days ago

    Check out some of the publicly available Supplier Codes of Conduct.  The most comprehensive ones seem to cover these five areas:

    1. Business Ethics  (anti-bribery/anti-corruption, disclosure of info, fair business, responsible sourcing of minerals, trade compliance)
    2. Labor (diversity, freely chosen employment, human treatment, non-discrimination, freedom of association)
    3. Health and Safety (occupational safety, emergency preparedness, other worker safety issues)
    4. Environment (Pollution prevention, hazardous substances, air emissions, energy consumption and greenhouse gas emissions)
    5. General (Company commitment to code, risk assessment, improvement objectives, communication/training, corrective action)
    6. References (regulations, other codes and organizations)

     

      Best Buy - https://partners.bestbuy.com/-/supplier-code-of-conduct

      Dish Network - https://www.dish.com/supplier-resources/

      Morgan Stanley - https://www.morganstanley.com/about-us-governance/pdf/supplier-code-of-conduct.pdf

      Palo Alto - https://drive.google.com/drive/u/0/folders/11crvTUEuSvcL1Qwm6m_6Fdrhv_Umv3lg

      Verizon - https://drive.google.com/drive/u/0/folders/11crvTUEuSvcL1Qwm6m_6Fdrhv_Umv3lg

     

    Some companies go for a brief, more 'corporate' looking doc:

      Deloitte -https://www2.deloitte.com/global/en/pages/about-deloitte/articles/supplier-code-of-conduct.html

      USAA Code of Business Ethics and Conduct:  https://content.usaa.com/mcontent/static_assets/Media/USAA_code_of_conduct.pdf

     

    As with the examples above, companies frequently post their Supplier Code of Conduct publicly on the Internet either in a Legal section (along with Terms & Conditions) or in a Supplier Portal where they post related documents (see Deloitte and USAA).  You'll also want to reference the code in your contracts, or at least develop criteria for which vendors you want to sign off.

     

    I am currently working with my Legal and Procurement teams to iron out our content and get it posted. Happy to discuss more offline.  KW

     

    Kate Wakefield CISSP, CIPT, CRISC

    Sr. Manager Security Compliance

    Logo  Description automatically generated with low confidence

     






  • 3.  RE: Vendor Code of Conduct Policy

    This message was posted by a user wishing to remain anonymous
    Posted 24 days ago
    This message was posted by a user wishing to remain anonymous

    thank you so much,  Kate

    very helpful and appreciated!

    regards, john