Our impact Addressing risks in our portfolio Since the inception of Cisco’s business and human rights program in fiscal 2019, Cisco has engaged external stakeholders and experts to inform an ongoing saliency assessment of human rights risks across our product portfolio. This engagement has demonstrated that while Cisco’s technology is generally designed to advance human rights, potentially negative human rights impacts can stem from misuse of our products. This presents a challenge for Cisco because once our technology is sold, our control and leverage over its use are dramatically reduced. Even so, we want to mitigate this risk and plan to do so by reviewing product design requirements and guidance, establishing due diligence to anticipate and address the risk of misuse of our products, and working closely with the HRAC to inform our approach to these issues within other business units. Ensuring responsible use of AI/ML Artificial intelligence and machine learning (AI/ML) technologies have the potential to make sense of large amounts of data more quickly and efficiently than humans can. But they can also make mistakes. For example, inaccuracy and bias in facial recognition technologies can have harmful effects on vulnerable populations. As Cisco incorporates AI/ML features into our collaboration and security solutions, we must be vigilant in protecting against ways that they could potentially violate human rights or erode customer trust. To do this, we have developed a Responsible AI/ML Framework that engages a cross-functional group of experts from engineering, privacy, security, human rights, legal, government affairs, and others. This group works with outside experts to incorporate human rights principles into the design and use of AI/ML solutions. All Cisco products and services that incorporate AI/ML must be built according to Cisco’s AI/ML design requirements, which embed respect for privacy and security and strive to protect against unintended bias or discrimination. These control requirements were developed alongside the engineers who will ultimately have to comply with them, incorporating extensive feedback from teams to ensure requirements are practical and enable them to achieve their objectives. The requirements will be reviewed and updated periodically, ensuring that they evolve along with technology, market conditions, customer expectations, and threats. We have also developed an industry- leading approach for engaging with product teams to continuously improve our offers that include AI/ML. When a customer, partner, or employee reports unfair, biased, or discriminatory decisions, the Responsible AI/ML Incident Response Team analyzes the report and engages the appropriate team to resolve it. Once the issue is resolved, we may report back to the original submitter or a broader group of Cisco customers, employees, and partners on the findings of the investigation and remediation steps taken. The Responsible AI/ML Framework also includes oversight of a Responsible AI/ML Committee that will: ● Set and drive adoption of Cisco’s Responsible AI/ML policies and practices. ● Review sensitive, high-risk, and edge use cases that cannot be effectively mitigated. ● Review AI/ML incident reports of bias or discrimination. ● Advise Cisco leadership and employees on responsible AI/ML issues, technologies, processes, and best practices. External engagement on human rights Cisco subject matter experts and members of the BHR team continue to participate in grassroots organizations like RightsCon and share best practices through groups like the Article One Business Roundtable on Human Rights & AI and the Business for Social Responsibility (BSR) Human Rights Working Group. We have also joined the United Nations’ B-Tech project, which provides guidance for implementing the UNGPs in the technology sector. 56% of consumers are concerned about how organizations are using AI today. Cisco 2021 Consumer Privacy Survey FUTURE INTRO POWER INCLUSIVE 2021 Cisco Purpose Report | csr.cisco.com | ESG Reporting Hub 22