2015 Corporate Responsibility Report

Download PDF

Regulatory and Legal Compliance

We maintain and continuously seek to improve our company-wide compliance program, with strong corporate values and integrity at the center of all our actions. This strong foundation assists in effectively managing legal and regulatory risks. As we grow globally, we are ensuring that we understand and comply with applicable laws not only of the United States, but also other countries where we conduct our business and operations.

EHS Regulatory Agency Reviews Northrop Grumman operations are subject to review and audit by regulatory agencies and other authorities including federal, state and local environmental, health and safety agencies, as well as building inspectors and fire marshals. These reviews and audits provide an important perspective on operational compliance and effectiveness of our programs and procedures.

In 2015, EHS-regulatory agency representatives corresponded with us, or visited Northrop Grumman sites, 165 times resulting in 23 EHS-related administrative actions.* We resolved each action with none resulting in significant fines.

*"Administrative action" refers to an action by a federal, state or local government agency with authority over EHS requirements that is resolved through the payment of a fine or penalty.
Regulatory and Legal Compliance Key Elements

Commitment from Management: From the top of our business, led by Wes Bush, our chairman, CEO and president, through our ranks of management, Northrop Grumman’s leadership demonstrates a proactive, visible and steadfast commitment to ethics and integrity. Our compliance program has been designed, and is implemented, to build on and enhance our corporate values across the company.

Standards and Policies: In addition to our Standards of Business Conduct, we develop, enhance and maintain a comprehensive set of policies and procedures designed to implement robust internal controls. We also disclose litigation and enforcement actions related to non-compliance with laws and regulations, investigations and other issues that may relate to claims of non-compliance as appropriate in our public filings.

• Oversight and Resources: Our Office of the Chief Compliance Officer; Compliance Council; Global Corporate Responsibility; Ethics; Internal Audit; and other functions work together to provide the needed oversight and resources to drive our compliance program.

Risk Assessment: Our Enterprise Risk Management Council evaluates the risk factors disclosed in our public filings and the strategies to mitigate or address those issues.

Incentives and Discipline: We publicly recognize employees who do the right thing. We have also established trusted and effective processes for addressing allegations and administering discipline to those employees who commit misconduct.

Due Diligence: We devote significant resources to evaluating and carefully selecting third parties with whom we do business as sales representatives, partners, consultants, suppliers or teammates. We clearly communicate our expectations that these third parties must share our commitment to doing business with the highest levels of ethics, integrity, privacy and compliance with applicable laws and regulations.

Review and Audits: Through feedback mechanisms such as employee surveys and our well-established corporate audit program, we review and identify areas for potential enhancement of our compliance program.

Anti-Corruption Compliance: Northrop Grumman conducts all business in accordance with high ethical standards and in compliance with all applicable anti-corruption laws. We maintain a zero-tolerance policy with regard to bribery and corrupt business practices. Anti-corruption compliance is not only the responsibility of compliance personnel but also it is the responsibility of every employee.

We ensure that our anti-corruption compliance program is integrated with our international growth strategy. We conduct internal risk assessments and evaluate the strength of our anti-corruption compliance program against standards provided by government authorities and industry best practices. Our continuous improvement program helps ensure that our compliance programs and resources are effectively applied and deployed for the risk presented.

In 2015, we implemented several significant anti-corruption compliance initiatives. These include a revised international anti-corruption policy, an enhanced third-party due diligence procedure allowing for a more refined risk-based approach to our assessment of business relationships and new technologies to embed industry best practices for anti-corruption compliance more seamlessly into our business processes.