Business Continuity Management (BCM)

Sustainable protection of our business processes

We are experiencing a time of great uncertainty and challenges caused by global pandemics, armed conflicts, the catastrophic effects of climate change, increasing cyber attacks or disruptions to global supply and transport routes. The continuous safeguarding of business processes is therefore becoming increasingly important. We at Festo rely on established standards and base our business continuity system on ISO22301, the BCI Good Practice Guide and ISO27001. Our processes are therefore consistently compatible with the systems of our suppliers and customers – and our security of supply remains guaranteed.

The ISO 22301 standard aims to increase the robustness of processes and identify the potential impact of emergencies that threaten the entire company. In addition, effective response measures protect the continued delivery of goods and services to our customers, goodwill, reputation, brand, the company's value-added activities, and the interests of our stakeholders.

Business continuity management as a holistic process helps to ...

  • identify threats
  • assess the potential impact and damage (e.g. business impact analysis)
  • prevent looking at the company's units in isolation
  • enable effective responses
  • define a framework of conditions
  • ensure re-use/integration into existing risk analysis and assessments as much as possible

By combining different strategies as part of business continuity management, we achieve sustainable security for the company, the processes and the products and services intended for you. The following measures contribute to our holistic BCM:

Risk management

At Festo, we have had a risk management system in place for more than 10 years, in which significant risks are identified at an early stage, risk managers are defined and programs of measures to minimize risk are pursued. From the areas of strategy, operations, finance and compliance, the main risks are queried in a standardized process that is carried out regularly at the responsible units such as sales, production and logistics. In addition, the instrument of "ad hoc risk reporting" can be used by the organizational units.

The feedback, e.g. the production and logistics units on topics such as fire protection, delivery capability and stocking as well as cyber security are condensed and discussed with the experts from the respective areas of the headquarters. Checks are also carried out as to whether adequate programs of measures have been set up to avoid possible risks and – if necessary – additional measures are initiated by the departments. The entire process and the organization of risk management is regularly checked by auditors according to the new version of IDW 340.

Crisis management

Crisis management is the overall coordination of an organization's response to a crisis in an effective, timely manner. The aim is to avoid or minimize damage to the organization's profitability, reputation or ability to act. Crisis management at Festo follows a structured process, with local emergencies being processed by the local emergency organization and, if necessary, escalating quickly to corporate crisis management.

The company crisis management team is led by the Management Board. The emergency teams and the company crisis team are staffed 24/7 with the roles of management, information management, infrastructure, situation/documentation and corporate communication. Depending on the scenario, this permanent staff is supplemented by experts. Alerting via FACT24 and cooperation between the staff are regularly tested.

Supply chain and logistics

In recent years, we have expanded our production infrastructure according to the "local for local" principle in order to produce products independently and redundantly at various locations in the regions of Europe, Asia-Pacific and America.

Our logistics network makes it possible to ensure deliveries from suppliers and deliveries to customers at all times in a highly flexible manner and with alternative routes throughout the value-added network.

The highly varied product portfolio offers the possibility of offering or developing products tailored to requirements in order to be able to provide alternative solutions in the event of restrictions on individual components.

Information security

A high level of information security is indispensable for Festo's competitiveness and the basis for the trust that our customers and partners place in our technological leadership within the context of the ongoing digitization of our life and work. Festo has established a state-of-the-art security program to protect our customers' processes and infrastructure as well as our own from cyber threats.

All measures are selected and implemented in accordance with the industry standards of information security, in particular BSI basic protection and the NIST Cybersecurity Framework. All checks are regularly reviewed and adjusted according to the current threat and risk landscape. This continuous improvement process is guaranteed by an information security management system that has been certified according to ISO 27001.

Health and safety

Safety – in particular occupational health and safety – is a fundamental part of Festo’s corporate philosophy. Compliance with and the implementation of the safety requirements serves to protect our employees and the company’s assets. To this end, all areas are supported by safety experts in establishing a safety-oriented occupational safety culture and occupational safety management.

The aim is to continuously reduce the risk of accidents and health hazards. In this context, Festo has already implemented the ISO 45001 occupational health and safety management system at the Budapest, São Paulo and Shanghai locations.