Governance
ams OSRAM would not be able to achieve its sustainable business success without the trust of its stakeholders such as customers, employees, investors, and suppliers. We strengthen this trust by means of transparent and responsible corporate governance.
Governance on ESG
Sustainability means responsibility to customers, employees, shareholders, society and the environment. Our approach to sustainability is the foundation of our licence to operate and an enabler for future business. Throughout our value chain, we emphasise the careful use of resources, environmental protection, good working conditions, health and safety, and respect for human rights. As a member of the UN Global Compact and the Responsible Business Alliance, we recognise their principles for sustainable business practices. In the Sustainability Policy* we provide an overview of our corporate values, policies, guidelines, reports and certificates, as well as links to the referenced documents.
Ensuring the sustainable development of the company is a key factor in all management decisions at ams OSRAM. In order to achieve this strategic goal, the Supervisory Board of ams-OSRAM AG has established a committee for environmental, social and governance issues ("ESG" and the "ESG Committee").
Further information on corporate governance, such as the ESG Committee Charter or the Composition and Diversity Policy, can be found on our website under "Corporate Governance".
*We consider CSR and ESG to be synonymous with sustainability.
Compliance & Whistleblowing
It is our goal to effectively promote doing business in a legal and ethically sustainable manner. Our Compliance Management System (CMS) builds the fundamental framework to achieve this goal.
The CMS focuses on preventing violations of applicable Anti-Corruption, Antitrust, Data Privacy, Anti-Money Laundering and Export Control regulations through internal policies and training, detecting violations that have occurred, and responding to them with the necessary measures to prevent them in the future (Prevent – Detect – Respond).
Whistleblowing
If you become aware of any unethical or illegal practices related to ams OSRAM's own business or our supply chain, please use our secure electronic reporting channel "Tell ams OSRAM" to inform us about potential risks or violations.
"Tell ams OSRAM" is available 24/7 to employees and third parties, and is multilingual, confidential and anonymous. All reporters acting in good faith are protected against retaliation as a matter of course.
Please help us identify potential wrongdoing. Your voice matters and we need your support.
Supplier Management
As a global company with a vast network of suppliers, ams OSRAM recognizes its responsibility towards the environment and society across its entire supply chain. We are deeply committed to this responsibility and implement standardized risk analyses, tools, and processes to guide our selection of international partners and our collaborative efforts with them. Furthermore, we have established internal and external control mechanisms, specifically designed to ensure our compliance with human rights obligations, especially in relation to conflict minerals.
Quality
ams OSRAM stands for a high quality standard, safety and reliability of its products and solutions. At ams OSRAM, product safety starts with product development, accompanies the procurement and production process, and is an essential aspect for our customers during the product life cycle.
We regularly have our processes and management systems certified to ISO 9001 and, for automotive customers, also to IATF 16949. In the course of integration, there will be joint certificates in the medium term.
Cyber Security
The increasing digitization of business processes makes the reliability and security of the company-wide system infrastructure extremely important. Regulatory requirements for the protection, integrity, and availability of data are also on the rise. For ams OSRAM, as well as for our stakeholders, cyber and information security are of great importance.
Contact Information
Contact: security@ams-osram.com
Incident management via 'Tell ams OSRAM'
More Information about Cyber Security
The ams OSRAM Group Management Board has defined a global Information Security strategy that is aligned with the company’s risk management and business strategy. The Information Security Management System (ISMS) is set up using the ISO 27001 standard.
As part of the overall Information Security strategy, the ams OSRAM Group has established a global Information Security organization that is coordinated by a Corporate Information Security Officer (CISO). The CISO reports directly to the Group’s Chief Information Officer, with at least quarterly reporting to the Management Board members in the “IT Board”, which is defined as the company’s “Information Security Committee”. Responsibility for cyber and information security lies with the Chief Financial Officer (CFO) within the management board and with the Technology Committee within the supervisory board. Additionally, identified cyber security risks are managed as part of our Enterprise Risk Management and, as such, supervised by the audit committee.
The ams OSRAM Group Management Board has issued Information Security and Data Protection guidelines which apply throughout the whole Group. The CISO directs and supervises the implementation of the information and cyber security management system (ISMS) globally. Mandatory information security and data protection trainings are designed to ensure that employees are familiar with relevant security policies and procedures. Global awareness tests are performed periodically.
Our ISMS includes all relevant elements such as governance, risk management, information and system management, threat and incident management and business continuity management. Threat and Incident Management is part of the ams OSRAM global Incident and Crisis Management. In addition, an emergency response service provider is contracted in the event of a serious cyberattack.
Our ISMS is externally validated. The ISO 27001 certification covers the global ISMS process of ams OSRAM. ams OSRAM’s ISMS is continuously improved and its effectiveness monitored by means of internal audits. Besides the annual external re-certification as part of the ISO 27001 and TISAX certifications, corporate audit annually triggers at least one external verification audit of Information Security-related processes and procedures, e.g., tabletop exercises or simulated hacker attacks. At the same time, all automotive production sites globally are verified to at least TISAX Level 2, and at least one to Level 3.
In the area of data protection, a comprehensive data protection management system has been implemented and globally applicable corporate guidelines ensure company-wide standards for handling personal data. Further refinement of data protection is promoted by actions that include training for all employees and implementation of uniform technical and organizational measures, particularly when data are being processed by external service providers.
Downloads
Compliance & Whistleblowing
Code of Conduct for Employees ams OSRAM
Rules of Procedure for the complaints procedure
Supplier Management
Code of Conduct for Suppliers ams OSRAM
Policy on Conflict Minerals ams OSRAM
Quality
Quality Policy ams OSRAM
ISO 9001 Certificates ams OSRAM
IATF 16949 Certificates ams OSRAM
Cyber Security
TISAX
ISO27001 - Premstaetten
ISO27001 - Munich
ISO27001 - Regensburg
Contact us
Contact information
As a company, our mission is to foster a sustainable future through innovation and collaboration.
For further information, get in touch with us!
Contact: sustainability@ams-osram.com