attacks. Moreover, to further strengthen cybersecurity During the reporting year, we set up an internal logistics operations, particularly in our warehouses. awareness within the company, we regularly update dashboard, creating transparency within our We monitor, evaluate and solve incoming alerts daily. our mandatory cybersecurity training for all team direct supplier network, on the suppliers and their We maintain a speci昀椀c, stringent policy for business members globally and ensure that our colleagues sustainability performance. This allows us to ensure partner onboarding in China. Regarding our own team are aware of current cybersecurity threats. This is that our business partners respect human rights, which members, our human resources department carries out additionally supported by ongoing awareness and we screen with the support of different IT tools and personal background checks in countries which have phishing campaigns, as well as target group-speci昀椀c the stipulations of our Supplier Code of Conduct. We a high-risk exposure when hiring an external candidate training. In 2023, Hilti was not confronted with any closely monitor supply chain acts around the globe, for critical management positions. major cybersecurity incident. The impact of continuing such as the German Due Diligence in the Supply Chain Supplier Sustainability: p. 31 the active management of our external attack surface Act and the Norwegian Supply Chain Transparency Act, is also re昀氀ected in our external ratings. In September preparing for the EU Supply Chain Directive. Moreover, 2023, we received a BitSight rating that recon昀椀rms we publish our statement of compliance with modern 2023 implementation examples Hilti’s place in the advanced sector. slavery reporting requirements in Hong Kong, Australia, the United Kingdom and California. • Adoption of Human Rights Policy for Supply Supplier Sustainability: p. 31 Chain Due Diligence on Human Rights and the Human rights due diligence Environment: We carry out comprehensive due diligence in the form We are vigilant in ensuring that our business As a globally active company with complex value of background checks and screening of third parties. operations and supply chains worldwide re昀氀ect our chains, Hilti is exposed to human rights-related We screen our direct suppliers with the support of three dedication to ethical practices and respect for human impacts. We strive to avoid adverse human rights different IT-supported mechanisms. These screenings rights and the environment. We adopted the ‘Human impacts throughout our business operations and in the include topics such as ethical behavior, health and Rights Policy for Supply Chain Due Diligence on communities in which we engage. We are committed safety management and compliance with human rights. Human Rights and the Environment’ that details the to the ten principles of the UN Global Compact and The related supplier self-assessment has become a Human Rights section of the Hilti Code of Conduct to respecting internationally recognized human rights required condition to take up or maintain a business and environmental aspects, amongst others, to as set out in the Universal Declaration of Human relationship with Hilti, as described in our Sustainable address global Supply Chain Acts. Besides our top- Rights and the Declaration of the International Sourcing Policy down and bottom-up risk assessment procedures, . We added this policy to our long- Labor Organization on fundamental principles and standing approach of supplier screening to exclude, our due diligence framework is established to rights at work. We are committed to protecting these for example, sanctioned parties, smelters that are not prevent or remedy any human rights violations in the rights. They are re昀氀ected in our Code of Conduct whitelisted and suppliers with human rights violations. context of our business operations. Our grievance for Employees, our internal policies and our Code of A similar screening process is applied to our customers procedures and reporting, as well as training and Conduct for Suppliers and, from 2023, in our Human to comply with export regulations and sanctions capacity building, are also set out in this Policy. Rights Policy. laws. The process is fully automated as it includes, Our Culture of Engagement: p. 44 for example, automated shipping restrictions in our
2023 Sustainability Report Page 58 Page 60