Safety, Physical Security and Business Continuity

Safety and Physical Security

There are a variety of regulatory mandates that enforce workplace health, safety, and security practices across any business. These inform our initiatives here at Synopsys by establishing a minimum standard for expected performance across our global organization. But we aspire to be world-class in every part of our business, especially when it comes to the safety and security of our employees and operations.

As such, we strive to produce a work environment for our people around the globe that is free of accident, illness, and violence. We work to achieve this goal by engaging with our people through ongoing vigilance, prevention, and awareness.

As our business grows and evolves, we will continue to ensure workplace health, safety, and security while meeting our goals for operational productivity, efficiency, and customer service. Synopsys drives these efforts through communication and education around issues and opportunities in four specific areas:

• Workplace Health & Safety – we identify and manage hazards and prevent illness and injuries in the workplace by establishing proper safeguards and by keeping our employees informed.
• Physical Security – we instill proactive adherence to security procedures and vigilant awareness for safeguarding our employees, the company, and its assets.
• Emergency Preparedness & Resiliency – we encourage a perpetual state of awareness and alertness to enable quick and mindful action in the case of an emergency to protect our people and operations from disruption and harm.
• Travel Safety – we support a continuous safety and security mindset outside of the workplace and around the world for travelling employees.

Through continuous and cooperative efforts, Synopsys creates and nurtures a positive safety and security culture across the company.

Business Continuity and Resiliency

Synopsys is committed to ensuring a safe and secure environment for our employees, contractors, and visitors, while maintaining the continuity of our business operations. We recognize that a prepared and resilient business is not only a strategic and competitive advantage, but essential to the overall vitality of our company, our customers, and shareholders. We are ISO 22301 certified for Business Continuity Management, confirming our ability to endure major incidets or disasters.

Our goal is to not only reach a level of business continuity compliance, but to achieve a level of enterprise readiness and resilience that enables us to absorb impacts from disruptive events and recover in a timely and effective manner. To achieve this goal, it will require ongoing support and active participation by everyone at all levels, functions, and business groups across the company.

Our Business Continuity and Resilience Program is comprised of, but not limited, to the following:

• Conducting a risk and vulnerability assessment (RVA) for each location where operations are conducted. The RVA will assess the risk and exposure to physical, natural, human made, and geo-political risks.
• Conducting a business impact analysis (BIA) for each business group to identify critical business processes, owned and shared resources and identifying where supporting functions are performed.
• Developing and formulating the recovery time objectives (RTO) and identifying the recovery point objectives (RPO) for critical systems and data loss.
• Defining the business continuity strategy in documented business continuity plans (BCP) including defined response actions to restore operations and to ensure people, processes, infrastructure and information technology resumption and succession.
• Periodic updating to reflect changes in the company including change of personnel, locations, processes or as required for operational / financial purposes.
• Regular testing and validation of the business continuity plans to ensure they are up to date and effective.