Dear Supplier,
At Inzpire, our vision is to become the most trusted and respected defence and security company in the world. It is therefore important that we ensure our Supply Chain is trusted and respected too and is supportive of our vision.
Working with our suppliers to be open and transparent, we want to build strong long-lasting relationships that mutually benefit both companies for long into the future.
This Supplier Code of Conduct sets out principles which Inzpire believes will foster the right supplier relationships to enable continued growth in the defence and security sector.
Nothing in this document is intended to conflict with or modify any existing or forthcoming contractual terms between Inzpire and our suppliers. This document offers guidance for best practice and is open to our suppliers for comment or contribution.
Our suppliers are a key factor in our success, and we expect that you and your suppliers strive to comply fully with this code to ensure you become part of our success story.
We expect that the below is communicated and flowed down to all parts of your supply chain that relate to Inzpire contracts.
Inzpire operates a zero-tolerance approach to bribery and corruption, its foundations rooted in the Bribery Act 2010. We expect that our suppliers have appropriate and adequate procedures within their organisation to prevent such activity from happening. Whether directly or through a third party, our suppliers must not under any circumstance offer or give, accept or receive any payment, benefit or gift that could be seen as a bribe, kickback, favour, gift, gratuity or other improper payment.
We expect all our suppliers to abide by the Bribery Act 2010 and have in place an Anti-Bribery and Corruption Policy (or similar). Should there be any instance where your organisation acts in any way contrary to the legislation, please notify Inzpire as soon as possible.
Inzpire requires its suppliers to respect human rights and address salient human right issues including modern slavery and human trafficking as required by the Modern Slavery Act 2015. All work should be conducted voluntarily on the part of the employee, who must not be under the minimum legal age for employment where the work is performed. Employees should be engaged properly in their local language and in line with the laws of their jurisdiction so the employee is clear what they expect with regards to their wages, working hours, employment conditions.
We expect all our suppliers to abide by the Modern Slavery Act 2015 and have in place a Modern Slavery Policy (or similar). Should there be any instance where your organisation acts in any way contrary to the legislation, please notify Inzpire as soon as possible.
Inzpire is committed to achieving net zero greenhouse gas emissions across our operations by 2040. We cannot do this without the help of our suppliers. As such, we encourage all our suppliers to commit to reducing their emissions to net zero greenhouse gas emissions by 2050 (or sooner). Due to the increased customer focus on emission levels and traceability of our supply chain, we expect to see future opportunities favouring low emission solutions.
We expect our suppliers to abide by all applicable laws and regulations regarding the environment, and ensure they are actively managing environmental risks.
Conflicts of Interest may occur when an employee’s personal interest (or those of their close relatives or friends) interferes with their ability to make an objective business decision without bias. Any actual, perceived or potential conflicts of interest should be mitigated appropriately and disclosed to Inzpire (and any other party affected) as soon as the conflict becomes apparent.
It is important that Inzpire complies with its obligations under the UK GDPR & Data Protection Act 2018 and therefore expects all suppliers to comply with the same. Our suppliers shall have in place appropriate measures to protect the integrity and confidentiality of our data and ensure that there is no unauthorised access of the information, except where prior permission has been given by Inzpire to do so.
If there have been any issues with the processing of our data by the supplier, please notify Inzpire via email to grc-mail@inzpire.com within 24 hours, inclusive of weekends.
Due to the nature of our business, we must ensure that we comply with all applicable laws and regulations governing export, re-export, transfer of goods, technology, software and services, the import of goods as well as economic sanctions and embargoes. In support of that we require that our suppliers always provide complete, truthful and accurate information with regards to their products/services and obtain export licenses or other authorisations when required.
Inzpire is committed to fair pay of all our direct employees, who all receive the real living wage as a minimum. Each employee will also be in receipt of a yearly uplift to reflect the cost of living at that time. We expect our suppliers afford their employees the same generosity.
Inzpire will continually work with it’s growing number of suppliers to ensure that fair pay is upheld in our supply chain.
Inzpire champions the 12 Principles of Supply Chain Security set out by the National Cyber Security Centre. These Principles require that Inzpire and its suppliers collaborate to achieve an effective and compliant approach to managing their systems.
We expect our suppliers to provide appropriate protection for our contract information and contracted products or services and that your key staff understand the associated security risks and each understand their responsibilities to help manage those risks.
We encourage all suppliers to continuously improve their security arrangements, something Inzpire will support through sharing any lessons learned throughout the course of our relations. Businesses who are keen for continuous improvement will be perceived favourably by Inzpire.
Through collaboration, Inzpire seeks to build strategic partnerships with its suppliers. Through effective communication and a joint approach to supply chain management, we can both benefit from growth, prosperity and innovation.
Specifically, we expect all suppliers to comply with our Minimum Requirements:
Cyber Essentials Scheme – the supplier shall hold and continue to hold a valid Cyber Essentials Certificate.
Access Management – Inzpire’s information should only be accessible to permitted parties ie Employees, Sub-Contractors etc. and if permitted parties use personal devices then appropriate security controls should be implemented
Password Management – password requirements should follow NCSC guidance & Cyber Essential requirements and passwords should be individual and not written down or shared
Data Backup and Retention – the supplier should ensure that the Inzpire’s data is backed up and retained for the requirements of the contract
Incident Reporting, Response and Recovery – the supplier must notify Inzpire without undue delay of any information security incidents within 24 hours of becoming aware by contacting IT-Man@inzpire.com
Email Security – all owned domains should be monitored for SPF, DKIM and DMARC usage
Cyber Security Training – all staff complete training upon joining the organisation and is refreshed every 12 months.
Inzpire may modify this Code from time to time by giving the supplier at least 30 days’ notice in writing, electronic communication included.