international standards and best practices,
information security controls based on ISO 27001 Annex A,
risk management and assessment based on ISO 31000 and ISO 27005, and
privacy regulations such as GDPR.
We expect our vendor partners to maintain the highest standards of business ethics, integrity and respect for human rights and to become familiar with and comply with our policies as outlined in our Partner Guide. We also expect vendor partners to operate their businesses in compliance with all applicable laws and to maintain lawful environmental, health and safety practices that meet or exceed all applicable laws and standards, as outlined in our Position on Human Trafficking and Slavery.
The Supplier is to hold and maintain at all times the Heimdall Code of Conduct addressing human rights, worker rights, the environment and corruption.
The Supplier must acknowledge HP’s Code of Conduct in all new contractual arrangements. The Supplier must do this by signing the HP Compliance Letter (Exhibit).
The Supplier is obligated to communicate the contents of the Compliance Letter (Exhibit) to related entities and subcontractors who support the Supplier in supplying goods, works or services on behalf of HP. This will ensure that subcontractors conduct their business in accordance with the Code of Conduct.
If requested by HP, the Supplier must provide evidence and confirmation of its compliance with the Compliance Letter (Exhibit), including by providing documents and records in support of its compliance.