Asset protection | Emergency response | Crisis communications | Looking ahead
The purpose of TI's business continuity program is to identify risks and prepare for potential business impacts to minimize or avoid any resulting interruption to TI's operations or supply chain.
In 2013, our Business Continuity steering team updated and successfully rolled out a global policy to further strengthen continuity planning, response and recovery efforts. The policy requires all sites to prepare crisis and incident-management plans, and to appoint an on-site coordinator to manage business continuity activities.
In 2013, our Business Continuity team also:
- Mapped the supply chain to identify and procure alternative sources for critical materials.
- Assessed the business continuity programs of critical suppliers.
- Trained and conducted exercises with all wafer fabrication facility employees, as well as strategic design and sales sites, to improve their local business continuity programs.
- Monitored water use and consumption reduction efforts in water-stressed regions. As part of our routine risk-assessment process, we assess water availability when considering new sites or expansions.
- Earned our certification as a member of the Customs-Trade Partnership Against Terrorism program. We also met the Department of Homeland Security's Chemical Facility Anti-Terrorism Standards.
In 2013, TI experienced a noticeable increase in cyberattacks – persistent attempts to disrupt the company's information technology systems and steal intellectual property. Such email and Internet attacks are becoming more automated and sophisticated, and can be initiated from across the globe.
To counter these threats, we met with industry peers, financial institution security leaders and external consultants to identify trends, stay apprised of defense and monitoring technology, and share best practices. We also:
- Implemented two-factor authentication for remote users before they can access information inside our firewalls, and strengthened software security controls.
- Deployed additional security training for employees to educate them on how to protect computers against new types of attacks and how to effectively respond to attacks if they occur.
- Adopted the latest firewall technologies to protect against new forms of attack. We also implemented new technologies to correlate and analyze network and computer traffic and quickly identify suspicious behavior.
- Used more powerful servers, virtualization technology and storage solutions so that we can quickly recover large amounts of design and manufacturing data in the event of a disaster at one of our facilities.
Emergency response and incident management
To improve coordination and preparedness, TI:
- Conducted emergency response team (ERT) surveys at all major manufacturing sites to determine emergency response readiness. As a result, we provided additional training, conducted scenarios and held regional train-the-trainer courses for ERT leaders in Asia and Europe.
- Enhanced emergency communications systems, allowing for quicker, more effective and more reliable delivery of emergency information to stakeholders.
- Updated our crisis communications plan to address rapidly changing trends and requirements of social media platforms (including Twitter, Facebook, LinkedIn and our own E2E Community) and ensure timely and effective stakeholder engagement.
In 2014, TI will further refine and improve its business continuity program by:
- Proactively monitoring and testing our computer network and systems, identifying vulnerabilities and suspicious activity to prevent cyberattacks and respond quickly and effectively to mitigate any potential impact.
- Visiting suppliers to evaluate and verify their business continuity programs and emergency response readiness.
- Completing the full integration of TI's emergency response and communications strategies and protocols with our sites in China.
- Working toward the implementation of the ISO 22301 international business continuity management standard by 2016.
- Implementing fire-protection program effectiveness globally and evaluating the competency of fire-protection coordinators.