Since 2010, IBM® has required that all of its first-tier suppliers maintain a management system to address their social and environmental responsibilities. In summary, we require all IBM suppliers to have a corporate responsibility and environmental management system in place, measure performance, set goals, disclose results and communicate the requirements to their upstream suppliers who perform work material to the goods and services provided to IBM.
Review the compliance guidelines, terms and conditions, tax forms and more to help suppliers do business with IBM Procurement.
Explore in detail the different support channels available to help suppliers resolve procurement-related issues and concerns.
Read the chief procurement officer’s letter which outlines the various environmental and supply chain social requirements for our suppliers.
View the full set of environmental requirements and how IBM conducts environmental evaluations of suppliers.
View IBM’s requirements for suppliers to have a management system for corporate responsibility and environmental management.
IBM's requirements for suppliers to establish and maintain a corporate responsibility and environmental management system, measuring performance, setting goals and disclosing results are:
Environmental design requirements are communicated and verified with suppliers.
IBM's design and compliance controls, including a specification for baseline environmental requirements for supplier deliverables to IBM, a product content declaration for IBM suppliers (PCD), packaging compliance and controls and compliance assessment protocols, are managed by interdisciplinary teams with representatives from IBM organizations that design, manufacture, procure, deliver and service our product offerings. The team's activities are coordinated by IBM's Center of Excellence for Product Environmental Compliance.
Learn more about environmental requirements for suppliers on the Resources for suppliers page.
The suppliers of materials, parts and products to IBM must provide information to verify the compliance of their products to IBM's environmental requirements. The product content declaration for IBM Suppliers can be used to document the environmental data necessary to establish compliance of procured materials, parts and products to IBM engineering specification 46G3772: product content declaration (PCD) for IBM suppliers-IBM part number 46C3484.
To access the recording, users need to have a registered account to Box@IBM. Users can register by clicking on the recording links.
IBM 2Q 2022 PCD Release New Release of IBM’s Product Content Declaration (PCD) Form 2Q 2022
If after reviewing the PCD education, you still have questions or need assistance in completing the IBM's PCD form, please send an email to: PCD support.
The supplier is expected to have and maintain a business continuity plan and business continuity testing procedures, which include but are not limited to the areas of disaster recovery planning, pandemic planning and cyber security.
Cyber security programs expected include, at a minimum, provisions to prevent, detectand respond to cyber security incidents. Read more in the supply chain security section.
The supplier shall agree to review, update and test the business continuity plan annually and, upon IBM’s request, provide a summary of the business continuity plan and test results. IBM may, from time to time, provide feedback regarding the plan and requests that the supplier take IBM’s comments into consideration when updating the plan. However, the supplier remains solely responsible for the performance of its responsibilities under the agreement and the adequacy of the business continuity plan regardless of whether IBM has reviewed or commented on the plan.
Data and its protection are becoming increasingly important to individuals and enterprises. The European Union enacted the general data protection regulation (GDPR) which became effective on 25 May 2018. The GDPR gives individuals better control over their personal data and establishes one set of data protection rules across the European Economic Area (EEA). The GDPR applies to organizations that process EEA personal data, even if that organization is established outside of the EEA.
Suppliers who have entered into one or more agreements with IBM to provide services involving the processing of IBM personal data, that IBM, IBM personnel, a client, or client’s personnel, provides supplier or uploads to or stores in a contracted service, or cloud service, or to which supplier otherwise has access to, will deploy technical and organizational measures implemented by the supplier to implement a level of security appropriate to the risk, compliance with data protection laws and the protection of the rights of data subjects.
Those suppliers will, upon request, provide IBM with annual certifications and audit reports from accredited independent third-party audits to show GDPR compliance and will submit to audit to demonstrate compliance.
Scope 1 greenhouse gas emissions: Direct emissions generated by the company; Occur from sources that are owned or controlled by the company such as emissions from combustion in owned or controlled boilers, furnaces, vehicles, etc.
Scope 2 greenhouse gas emissions: Indirect emissions from consuming purchased or acquired electricity, steam, heatand cooling.
Greenhouse gases include carbon dioxide (CO2), methane (CH4), nitrous oxide (N2O) and fluorinated gases such as hydrofluorocarbons (HFCs), perfluorocarbons (PFCs), sulfur hexafluoride (SF6) and nitrogen trifluoride (NF3).
Illustrative information about IBM's own global environmental management system and environmental reporting and disclosure can be found at IBM's Global Environmental Management System and Environmental Reporting and Disclosure websites.
IBM reserves the right to assess the supplier's conformance to these requirements any time during the term of the purchase order. Failure to comply with all applicable requirements can ultimately result in termination.