Governance and Management
Solid management, performance and compliance for a sustainable enterprise
Overview
Corporate responsibility is an integral aspect of our business. While there is no specific department for corporate responsibility, the Executive Sustainability Council has been operating for three years and a Corporate Social Responsibility Task Force was created in 2009.
These teams work closely with all aspects of the business engaging with various departments, including Facilities, IT, Community Relations, Corporate Communications, Human Resources and Legal, to ensure policies and efforts on social and environmental issues are considered in the overall operations. To learn how CSR is governed, view the Legal Form and SAS governance structure. View SAS’ financial performance for 2010.
| Initiative | 2010 Goals | Performance Highlights | 2011 Goals |
|---|---|---|---|
| Compliance | Maintain “zero tolerance – zero fines” for noncompliance with environmental, anti-corruption, trade and privacy laws. | Achieved goal. | Continue “zero tolerance – zero fines” for noncompliance |
| Ethics and Compliance –Training | Increase compliance course training and completion rates. | Implemented automated reminder system for courses. Achieved improved completion rates. Enlisted a second training vendor to expand available training assets. |
Introduce two new courses and prepare to translate future courses into seven different languages in order to expand training. |
| Anti-Corruption | “Zero tolerance – zero fines” for anti-corruption for US and international operations. | Achieved goal through introduction of pilot program to enhance due diligence screening for subcontractors and partners in international operations and establishing US lobbying, gift and campaign contribution law compliance process. | Introduce enhanced due diligence screening program to full international business operations.
Complete initial corruption risk background review of existing suppliers looking at indictment, conviction, financial and media records to look for news of prior corruption or propensity for future corruption, and document and act on our findings accordingly. |
| Fair Trade Laws, International Peace Accords, Anti-Aggression Laws and Sanctions, and Anti-Boycott Laws | Zero government fines for exports of controlled software, meaning SAS delivered its software only to permitted destinations and users, and zero fines for responses to requests for proposal from countries at risk of requesting participation in prohibited boycotts of US allies. | SAS processed and exported 17,680 software orders and received no government fines.
SAS successfully executed an anti-boycott law compliance program for all its offices in countries where there is a risk that customers may seek to involve SAS in boycotts prohibited by the US government. SAS properly reported all boycott requests received and declined to participate in any prohibited boycotts. |
Maintain our zero government fines record.
Revise our internal processes to allow real-time, or near-real-time, updates to our external Export Commodity Classification Number chart to allow our customers to more quickly determine the ECCNs of the products licensed from SAS for easy application to their own export compliance programs. This will help SAS’ customers to more easily comply with export controls on software use and delivery across international borders. |
| Privacy Protection Laws | Advance awareness of SAS privacy and security practices (internal and external audiences). Develop new mechanisms to communicate these policies and practices. | Achieved goal through: Creating new SAS Solutions OnDemand Business Customer Privacy Policy. Developed privacy awareness training course for all employees worldwide. Trained all SAS Solutions OnDemand personnel in the proper safeguarding of hosted content. |
Update SAS Solutions OnDemand Business Customer Privacy Policy to align with new data retention requirements.
Provide privacy training and policy upgrade assessment for select offices as needed. Conduct annual in-person privacy training of SAS Solutions OnDemand personnel. |
Stakeholder Engagement
We engage with a wide range of stakeholders across all parts of our operations. More detailed information about our relationships with many stakeholder groups can be found throughout this report. They include:- Customers
- Communities
- Employees
- Regulators and government
- Nongovernmental organizations (NGOs)
- Industry organizations
| Stakeholder Group | Types of Engagement | Examples from 2010 |
|---|---|---|
| Communities | Employee volunteering Grants Donations Training |
SAS employees volunteered a total of 22,700 hours netting $86,500 for charity. |
| Customers | Webcasts Users groups meetings Training courses Focus Groups Surveys Feedback forms |
In 2010, SAS reinvested 24 percent of revenues into research and development activities in response to users' feedback.
In December 2010, SAS conducted a Customer Satisfaction Survey to measure customer satisfaction and loyalty, which are at their highest levels since the study began in 2002. |
| Employees | SAS Wide Web Webcasts Webzines Blogs |
700 blogs 3 CEO Executive Webcasts recorded. 14 Global communication update emails sent. 7 Global communications council meetings held. 37 Global communications phone conferences conducted. 197,580 Hits to the US SAS Family site. |
| Regulators and Government | Regular meetings and briefings. Membership in trade associations and business organizations. |
Joined the World Economic Forum’s Partnership Against Corruption Initiative. |
| Industry Organizations | White papers and articles. Interviews, meetings and briefings. |
130 white papers produced in 2010 Participated in World Economic Forum, Business Roundtable, The Business Council, and the International Business Advisory Council in 2010 |
| Business Partners and Suppliers | Meetings Webcasts Representation on boards |
Ethics and Compliance
At SAS, we have worked hard to create a corporate culture based on trust between our employees and the company. We also employ the highest ethical standards in our dealings with customers, suppliers and competitors. As a result, we have a reputation of being a great place to work and a great company to do business with.
The SAS Code of Business Ethics outlines the responsibilities each employee of SAS and its subsidiaries has to comply with all laws, rules and regulations of the countries in which we do business to ensure legal and ethical behavior. At SAS, we strive to employ the highest ethical standards, demonstrating honesty, fairness and accountability in every decision and action.
SAS employees are responsible for immediately communicating any concerns regarding suspected unethical or illegal conduct to supervisors, to the Human Resources department or to the General Counsel. SAS will not take retaliatory action against people who report suspected violations in good faith. All reports of misconduct will be investigated as appropriate.
In order to maintain our high ethical standing, employee compliance and ethics training is provided on a regular basis on issues such as anti-bribery, corruption, data protection, privacy and respect in the workplace. In 2010, SAS produced an internal animated online video training course on encryption export regulations and released it to headquarters development personnel. Encryption is highly regulated and has been an important factor in many past wars, so governments want corporations to cooperate in their encryption exports to prevent encryption from falling into the hands of persons who would use it do harm. SAS used a succinct animated format to convey the message to developers that they can help SAS with encryption export law compliance, and how they can do that.
SAS acquired two new entities and brought their people and operations into compliance with SAS’ Human Resources and Ethics and Compliance policies and programs. SAS followed a thorough process to review all potential compliance issues and communicated with government officials to ensure any past issues were properly addressed. New employees were provided all applicable ethics and compliance training. We received zero fines for noncompliance.
Anti-Corruption
SAS strives to maintain compliance with the US and international anti-corruption laws at the local, state and federal level in all its operations. SAS operates at a “zero tolerance – zero fines” level in its compliance with anti-corruption laws, while maintaining an efficient compliance system that allows for robust corporate growth. SAS engages with other business partners and stakeholders around the world to encourage a global community culture that works to end corruption.
This year, SAS joined the World Economic Forum’s Partnership Against Corruption Initiative (PACI) to fight bribery and corruption. PACI is based on chief executive officer (CEO) commitments to the PACI Principles for Countering Bribery, which call for the adoption of a zero-tolerance policy on corruption and the implementation of an anti-corruption program guiding the behavior of employees, agents, suppliers, contractors and joint venture partners.
SAS also implemented new enhanced contract language requiring anti-corruption law compliance by all subcontractors and partners. This language requires subcontractors and partners to verify they are not part of any government and are not engaging in undue influence on any governmental entities.
In relation to suppliers, we introduced a pilot program of enhanced due diligence screening for subcontractors and partners as well as an ongoing screening and monitoring process for suppliers to protect against anti-corruption risks.
Privacy
Privacy has become part of mainstream business culture as companies respond to emerging state, federal and international privacy and data protection legislation; rapid changes in technology and security; and growing consumer and employee concern about the collection, storage, use and sharing of personal information. Corporatewide privacy compliance is managed by the SAS Legal Department.
SAS' Privacy Statement is global and applies not only to SAS US, but to foreign subsidiaries and other business units.
SAS strives to maintain compliance with the US and international privacy and information security laws at the local, state and federal level in all its operations. SAS tries to operate at a “zero tolerance – zero fines” level in its compliance with privacy and information security laws, while maintaining an efficient compliance system that allows for robust corporate growth. SAS engages with other business partners and stakeholders around the world to encourage a global community culture that works to end privacy abuse and information security breaches.
Global Reporting Initiative (GRI) Index 2010 Report
| Indicator | Description | Reference |
|---|---|---|
| Strategy and Analysis | ||
| 1.1 | Statement from the most senior decision maker of the organization | From the CEO |
| Organizational Profile | ||
| 2.1 | Name of the organization | Governance > Structure |
| 2.2 | Primary brands, products and services | Products & Solutions |
| 2.3 | Operational structure | Governance > Structure |
| 2.4 | Location of headquarters | Governance > Structure |
| 2.5 | Number of countries where organization operates | Governance > Structure |
| 2.6 | Nature of ownership and legal form | Governance > Structure |
| 2.7 | Markets served | Products & Solutions About SAS |
| 2.8 | Scale of organization | About SAS |
| 2.9 | Significant changes during reporting period | About This Report |
| 2.10 | Awards received during reporting period | Awards |
| Report Parameters | ||
| 3.1 | Reporting period | About This Report |
| 3.2 | Date of most recent previous report | About This Report |
| 3.3 | Reporting cycle | About This Report |
| 3.4 | Contact person | About This Report |
| 3.5 | Process for defining content | About This Report |
| 3.6 | Boundary of the report | About This Report |
| 3.7 | Limitations on scope or boundary | About This Report |
| 3.8 | Basis for reporting on entities that can significantly affect comparability | About This Report |
| 3.9 | Data measurement techniques and bases of calculations | About This Report |
| 3.10 | Re-statements of information provided in earlier reports | About This Report |
| 3.11 | Significant changes from previous reporting periods | About This Report |
| 3.12 | Standard disclosure tables | About This Report |
| Governance, Commitments and Engagement | ||
| 4.1 | Governance structure | Governance > Structure |
| 4.14 | Stakeholder groups | Stakeholder Engagement |
| 4.15 | Basis for identification and selection of stakeholders with whom to engage | Stakeholder Engagement |
| Economic Performance Indicators | ||
| EC1 | Direct economic value generated and distributed | About Us > Corporate Statistics |
| Environmental and Performance Indicators | ||
| EN3 | Direct energy consumption by primary energy source | Environment > Energy |
| EN4 | Indirect energy consumption by primary source | Environment > Energy |
| EN5 | Energy saved due to conservation and efficiency improvements | Environment > Energy |
| EN6 | Initiatives to provide energy-efficient or renewable energy-based products and services | Environment > Energy |
| EN7 | Initiatives to reduce indirect energy consumption and reductions achieved | Environment > Energy Environment > Green buildings |
| EN8 | Total water withdrawal by source | Environment > Water |
| EN10 | Percentage and volume of water recycled and reused | Environment > Water |
| EN16 | Total direct and indirect greenhouse gas emissions by weight | Environment > Energy |
| EN18 | Initiatives to reduce greenhouse gas emissions and reductions achieved | Environment > Energy |
| EN22 | Total weight of waste by type and disposal method | Environment > Waste |
| EN26 | Initiatives to mitigate environmentalimpacts of products and services | Environment > Waste |
| EN28 | Fines and sanctions for noncompliance with environmental laws and regulations | Environment |
| Labor Practices and Decent Work Performance Indicators | ||
| LA1 | Workforce by employee type, employee contract and region | Employees |
| LA2 | Number and rate of employee turnover by age group, gender and region | Employee > Hiring & Retaining staff |
| LA3 | Benefits provided to full-time employees that are not provided to temporary or part-time employees | SAS Family > Benefits |
| LA7 | Rates of injury, occupational diseases, lost days and absenteeism, work-related fatalities by region | Employees > Health and Safety |
| LA11 | Programs for skills management | SAS Family |
| LA12 | Percentage of employees receiving regular performance and career development reviews | Employee > Skills Development |
| Society Performance Indicators | ||
| SO4 | Actions taken for incidents of corruption | Governance > Anti-Corruption |
| SO7 | Total number of legal actions for anti-competitive behavior, anti-trust and monopoly practices and their outcomes. | Governance > Overview |
| SO8 | Fines or sanctions for non-compliance with laws | Governance > Overview |
