We are experiencing a time of great uncertainty and many challenges caused by global pandemics, armed conflicts, catastrophic effects of climate change, increasing cyberattacks or disruptions of worldwide supply and transport routes. That is why continuously safeguarding our business processes is becoming more and more important. At Festo, we rely on established standards and base our business continuity system on ISO 22301, the BCI Good Practice Guidelines and ISO 27001. This means our processes are totally compatible with the systems of our suppliers and customers, and the security of our supply remains guaranteed.
The ISO 22301 standard aims to increase the robustness of processes and identify potential impacts of emergencies that threaten the entire business. In addition, effective response measures ensure the continued delivery of goods and services to our customers, and protects goodwill, our reputation and brand, the company's value-adding activities and the interests of our stakeholders.
By combining various strategies as part of our business continuity management, we achieve sustainable protection of the company, the processes and the products and services intended for you. The following measures contribute to our comprehensive BCM:
At Festo, we have had a risk management system in place for more than 10 years, in which significant risks are identified at an early stage, risk owners are defined and programmes of measures to minimise risk are pursued. In the areas of strategy, operations, finance and compliance, the main risks are examined with the responsible units such as sales, production and logistics in a standardised process that is carried out regularly. In addition, the organisational units can also use the "ad hoc risk reporting" tool.
The feedback, for instance from the production and logistics units on topics such as fire protection, delivery capability and stockpiling as well as cyber security, is condensed and discussed with the experts from the respective areas at headquarters. This also involves checking whether adequate programmes of measures have been set up to avoid possible risks and, if necessary, additional measures are initiated by the departments. The entire process and organisation of risk management is regularly examined by auditors in accordance with the IDW 340 n. F. standard [German Institute of Public Auditors].
Crisis management is the overall coordination of an organisation's response to a crisis in a timely, effective manner. The aim is to avoid or minimise damage to the organisation's profitability, reputation or ability to act. Crisis management at Festo follows a structured process with the handling of local emergencies by the local emergency response organisation and, if necessary, rapid escalation to corporate crisis management.
The management board manages the corporate crisis team. The emergency and the corporate crisis teams are staffed 24/7 with the management, information management, infrastructure, situation/documentation and corporate communication roles. Depending on the scenario, this permanent team is supplemented by experts. Regular tests are conducted to check if raising the alarm via FACT24 and team cooperation are effective.
In recent years, we have expanded our production infrastructure in line with the "local for local" principle so that we can manufacture products at various locations in the regions Europe, Asia-Pacific and the Americas, ensuring self-sufficiency and redundancy.
Thanks to our flexible logistics network and the use of alternatives routes, we can ensure deliveries from suppliers and deliveries to customers at all times and along the entire value chain.
The extremely varied product portfolio allows us to offer or develop products according to demand, giving us the option to provide alternative solutions in case of restrictions of individual components.
A high level of information security is essential for the competitiveness of Festo and is the basis for our customers' and partners' trust in our technological leadership in the face of the ongoing digitalisation of our personal and professional lives. Festo has established a state-of-the-art security program to protect our customers' processes and infrastructure as well as our own from cyber threats.
All measures are selected and implemented in accordance with the industry standards for information security, in particular BSI Basic Protection and the NIST Cybersecurity Framework. All controls are regularly reviewed and adjusted according to the current threat and risk landscape. This continuous improvement process is ensured by an information security management system that has been certified according to ISO 27001.
Safety – in particular occupational health and safety – is a fundamental part of the corporate philosophy at Festo. The compliance with and implementation of safety requirements are intended to protect our employees and the company’s assets. All areas are therefore supported by safety experts who provide assistance with establishing a safety-oriented occupational safety culture and occupational safety management.
The aim is to continuously reduce the risk of accidents and health hazards. Hence Festo has already implemented the ISO 45001 occupational health and safety management system at its Budapest, São Paulo and Shanghai sites.