Supply Chain Security

C-TPAT

Keysight is committed to participating in and supporting the Customs-Trade Partnership Against Terrorism (C-TPAT) program. As a strong advocate of the C-TPAT program, Keysight’s goals are to enhance and maintain effective security processes throughout the global supply chain, and to ensure the timely delivery of all incoming cargo.

Keysight urges each of our US suppliers to join C-TPAT. In addition, US Customs expects non-US suppliers to implement appropriate security measures to secure their goods throughout their international supply chains. Accordingly, Keysight expects each of our suppliers of goods or services to notify their plants, offices, and subsidiaries of the C-TPAT program and of Keysight’s participation.

• Keysight C-TPAT Requirements

Cybersecurity

As set forth in Keysight Computer Virus Control Policy, we are committed to assuring that instruments manufactured, refurbished, serviced, calibrated, and demoed by Keysight are free of malware and other computer-based threats. In supporting this commitment, we launch a multilayer approach such as provide employees’ training and create their awareness on the risks of the computer malware and the processes to prevent viruses, conduct audit to assess our adherence to the policy, control the contact with the internet and detachable media, and etc. We expect supplier to implement the similar cybersecurity control to protect both Keysight and their facilities from any cybersecurity threat.

Keysight is focused on assessing supply chain cybersecurity through Keysight’s Cyber Supply Chain Risk Management (CSCRM) process to identify potential threats and areas of concern. We request our supplier to complete the cybersecurity questionnaire, to give us a better understanding on the supplier’s cybersecurity control level.

We value the privacy of our employees, our customers and third parties with whom we do business and committed to the responsible collection, storage, use, transfer and disposal of their personal data. This commitment is outlined in our Standard of Business Conduct and Supplier Privacy Statement. Our employees with access to personal data in their work at Keysight are required to protect the information entrusted to them. Similarly, suppliers with access to personal data belonging to Keysight employees or other third parties, shall comply with the terms of any data privacy agreement or addendum with Keysight. Suppliers shall implement administrative, physical, and technical safeguards to protect any personal data and comply with all applicable privacy and data protection laws, regulations, directives, including, if applicable the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679.