Company Governance
At Zyxel Networks, sustainability is not just an initiative—it’s a responsibility embedded in our mission. As we empower businesses with secure and intelligent networking solutions, we are also committed to reducing our environmental impact. By integrating energy efficiency, responsible sourcing, and low-carbon product development into our business, we strive to create a more sustainable future. Together, we can build a greener and more connected world.
In line with this goal, Zyxel Networks strives for positive impact – an integral part of our 20-year sustainability initiatives. From our valued employees to the entire value chain, we are deeply committed to minimizing environmental impact while investing in our operations. This creates an agile and resilient business, marching towards a connected and sustainable future.
Driving positive impact aligning with UN SDGs
The Zyxel Group ESG Committee aligns with the United Nations Sustainable Development Goals (SDGs), conducting analyses and identifying topics of concern to our primary stakeholders. This process informs the establishment of our sustainability objectives.
We defined 10 SDGs as our guiding principles on the path to our development, propelling us closer to a sustainable and more prosperous world.
Sustainable excellence through governance
As a subsidiary of the Zyxel Group, Zyxel Networks adheres to the group-wide unified company governance principles and ESG management strategy of its parent company. We align with the mid- and long-term goals set by the Zyxel Group ESG Steering Committee, which serves as the highest ESG governing body within the Zyxel Group.
Chaired by the CSO of Zyxel Group, the committee comprises senior managers from each functional department. Committee members provide weekly updates to the Committee Chairman and monthly reports to the ESG Steering Committee to monitor performance, smooth implementations, and propel continuous improvements.
Upholding business ethics and integrity
Our corporate culture is firmly grounded in business ethics, integrity, and compliance with both international and local laws and regulations. To ensure a sustainable business environment, we have established a robust corporate governance and risk control mechanism rooted in these core values. This mechanism encompasses the development of internal policies, procedures, training programs, performance evaluations, and declarations.
Zyxel holds all stakeholders accountable for upholding ethics and integrity. We require strict adherence to the Code of Conduct, which covers crucial areas: "Regulation compliance," "Anti-corruption," "Fair trade," "Intellectual property," "Information security," and "Conflicts of interest."
Ensuring business continuity for operational resilience
To ensure rapid recovery in the face of operational disruptions, Zyxel Group has established a "Business Continuity Management (BCM) Committee." Guided by the ISO 22301 framework, the committee, led by the President of each subsidiary, brings together an executive team to develop Business Continuity Plans (BCP). These plans address various scenarios such as supply chain interruptions and production halts. Zyxel conducts annual drills and continuously refines these plans, integrating business continuity into its daily operations and management processes.
Safeguarding information security
Adhering to the ISO 27001 framework for information security, the Zyxel Group has instituted an Information Security Committee. This dedicated team, led by the Chief Information Security Officer (CISO), is tasked with setting objectives, strategic planning, and policy formulation in the realm of information security. The task force regularly reports to the Board of Directors on the progress of each security information optimization milestone.
The Information Security Team assumes a wide array of responsibilities, encompassing the monitoring of security activities and incidents, the execution of information security projects, and the administration of internal information security awareness and training initiatives.
In addition to the Information Security Committee, Zyxel prioritizes product security and has established the Zyxel Product Security Incident Response Team (PSIRT) to proactively handle vulnerability reports, investigate security issues, and implement the best measures to protect our customers. Zyxel is also a designated CVE Numbering Authority (CNA) and has achieved the Provider Acceptance Level for both the CVSS v3.1 severity assessment standards and the CWE vulnerability classification system. Furthermore, Zyxel is the first Taiwan-based vendor to sign the Secure by Design pledge, initiated by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), underscoring our commitment to delivering trusted, secure solutions.
Aligning with global sustainability initiatives and ratings
Engaging with stakeholders
The expectations of Zyxel's stakeholders, whether they are external or internal, hold significant sway over our ongoing endeavors to optimize operations. We have established diverse communication channels tailored to each stakeholder group. Additionally, we have conducted a thorough materiality analysis to align our strategies and action plans with the concerns of our stakeholders. Zyxel identifies six categories of stakeholders:
Material issues for operational and value chain impact
We evaluate the following material topics in governance, environment, and society, taking into account their influence on operations and the value chain.
