Sophos is committed to Environmental, Social, and Governance (ESG) practices in its operations that are responsible and sustainable, can be objectively measured, and materially advance the Sophos corporate strategy.
The Sophos ESG Policy maintains its commitment to ESG practices by:
- Cross-function collaboration that acknowledges individual Sophos Business Team ownership of and responsibility for specific ESG indicators.
- Regularly and transparently reporting each ESG indicator to benchmark and communicate ESG progress, measure emerging risks, adhere to new regulations worldwide, meet industry standards, and identify continuous improvements.
- Establishing internal controls that identify practical objectives, create sustainable corporate conduct, guard ESG data collection, align with Sophos’ Code of Conduct, and bring about reliable governance practices.
- Declaring its commitment to the Responsible Business Alliance (RBA) Code of Conduct 8.0 (2025), as an industry standard, “key to the Company’s business strategy, which informs our decision making, and is core to our operations.”
- Continuously improving each ESG indicator that presents risks, does not meet regulatory requirements, falls below industry standards, or has not been properly developed.
- Working every day in a sustainable corporate culture that recruits, hires, and retains a diverse team and ensures inclusive hiring, parental leave, flexible time off, equitable pay, health and safety in the workplace, and key employee benefits.
- Creating Board oversight of Sophos ESG by reviewing Sophos’ annual reporting on ESG Indicators.
We place these practices at the core of Sophos operations.