Sustainability

DHI Group, Inc. is a provider of AI-powered career marketplaces and software services that focus on connecting technologists with employers. Our distinct websites serve as online marketplaces where employers and recruiters find and recruit prospective employees, building and supporting workforces across North America.

Our unique focus on technology careers empowers professionals to grow a career that impacts livelihoods and adds values to the communities in which they live.

DHI is committed to providing an equitable environment for its employees, clients, and shareholders. Environmental stewardship, social responsibility and corporate governance practices are upheld across our business.

Statements, Resources & Policies

Environmental Footprint

DHI has 3 physical office locations: Denver, Colorado; Des Moines, Iowa and New York, New York. We collect energy consumption from those locations monthly and make reasonable efforts to increase efficiency in these locations. Total energy consumed is calculated based on monthly averages for the previous quarter. Our technical infrastructure is hosted by Amazon Web Services (AWS). DHI continues to seek efficiency in use of its technology platform and under the terms of the contract we are unable to disclose total usage.

62,700 kWh/month Total combined energy use of DHI's offices (average)

Percentage Renewable vs. Non-Renewable

DHI’s renewable energy sources: biomass, hydroelectric, solar, and wind. DHI’s non-renewable energy sources: coal, natural gas, nuclear, and petroleum.

81.8% Renewable (estimate) 18.2% Non-Renewable (estimate)

DHI is committed to sourcing 100 percent renewable energy for our facilities regarding GHG Scope 2 consumed electricity starting in 2021 and beyond. DHI has purchased Green-e certified renewable energy credits (RECs) covering all non-renewable energy sourced electricity for 2021, as well as credits covering expected electricity consumption in 2022 and 2023. With this purchase, we believe we have achieved our net zero GHG Scope 2 emissions near-term goal as well as working towards our long-term goals for 2022 and 2023.

Our Scope 2 emissions result exclusively from electricity use. As a result, implementing projects to reduce our electricity use and increasing our use of renewable electricity are major parts of our energy and GHG reduction strategy. See table for details.

KPI

FY21*

FY22 (est)

FY23 (est)

Total GHG Scope 2 Electricity from non-renewable sources in MWh.

136.889

174.269

222.863

Purchased RECs

140

200

260

% of Coverage

102%

115%

117%

*FY21 Base Year

 

Employee Engagement

In 2021, we continued our approach to gain anonymous feedback and insights from employees through the Gallup® Engagement Survey. Gallup’s extensive database includes 35 million respondents from more than 195 countries and provides benchmarking data to improve productivity and overall engagement with the organization. DHI participates in this survey on an annual basis. DHI is neither sponsored by nor affiliated with Gallup®.

Expanding Engagement

Key findings from the 2021 survey include:

  • 91% of our employees participated in the latest engagement survey.
  • At DHI, 66% of team members are engaged. According to Gallup statistics, 36% of U.S. employees are engaged in their work and workplace, therefore DHI ranks above average.
  • DHI ranks highest in manager care, demonstrating team members feel their managers care and support them as a person.
  • Only 5% of DHI team members are actively disengaged from the organization. According to Gallup statistics, 15% of U.S. employees are actively disengaged.

In 2021, DHI focused on expanding existing programs which enhance employee connectiveness and foster a sense of inclusion at the company. Examples include:

  • The environment in which our employees work is an empowered choice. In September, DHI opened offices for in-person work as an option for any vaccinated team member, fully supporting a hybrid environment for team members who choose to work remotely for the foreseeable future.
  • We introduced an employee stock purchase program, enabling employees to purchase DHI shares.
  • Expanded our benefits offering to include greater mental health coverage by offering the Calm mental fitness app to all employees.
  • Recognizing the importance of mental health, DHI closed all offices for two mental health days offered to all employees in September.
  • Continued Flexible Fridays to allow employees time to refresh and balance work/life commitments.

Investing in Learning & Development

In 2021, DHI invested in learning and development and enabled new opportunities to grow careers.

  • Inclusive Leadership Training focuses on key principles and characteristics of a good leader.
  • Inclusive Hiring training focuses on tools to remove bias from the recruiting and hiring process to broaden the candidate pool and bring more diverse talent to DHI.
Effective coaching teaches leaders how to have impactful and inclusive conversations with team members to create a greater sense of self awareness and commitment to growing careers within DHI. In addition to group coaching training, some individuals within the organization engage in executive coaching one-on-one sessions on a monthly basis.

All employees participate in annual security and anti-corruption training.

DHI budgets for professional development training by functional group and individuals each year. Professional development could include attending an online class to learn a new skillset, attending a conference or finding opportunities within the organization to grow skillsets.

Additionally DHI has a tuition reimbursement program designed to provide employees with financial assistance in continuing their education.

Diverse and Skilled Workforce

At DHI, we believe creating a culture that celebrates diversity and promotes inclusivity is critical to how we succeed as an organization. To achieve our mission of Connecting Futures Now and serve as an ideal employer, we promote diversity, equity and inclusion as programs and as an overall culture within the organization.

It is a strategic objective of DHI to focus on building a culture of inclusivity, anchored by four pillars: diversity training, inclusive hiring practices, volunteering in marginalized communities and employee resource groups. We are committed to building a diverse and inclusive workforce and making meaningful progress on making DHI an inclusive environment and driving improvements in this area over time.

DHI has office locations in Denver, Colorado; Des Moines, Iowa; and New York City. The distribution of employees by location is as follows:

  • Denver 39%
  • Des Moines 39%
  • New York 7%
  • Field 15%

According to 2020 United States Census Bureau data, the demographic populations where the majority of our team members reside is: Denver 67% white and 33% other; Des Moines 80% white and 20% other; and New York 47% white and 53% other. As part of our ongoing effort to attract and retain a diverse workforce, DHI partners with DiversityJobs.com to post open positions and attract a broader pool of diverse candidates. We are especially focused on attracting more women in technology and sales positions, as well as a more racially diverse management team. DHI is also expanding its hiring practices, allowing positions to be hired remotely, significantly widening our pool of available talent beyond the cities where our offices are physically located.

During 2021, we launched several programs to assist in diversity and inclusion efforts, including:

  • Nearly all team members within DHI have participated in Unconscious Bias and Allyship trainings with our diversity partner, PowerToFly. New hires within the organization were also trained prior to December 31, 2021.
  • 99% of leaders and managers in the organization participated in virtual Inclusive Leadership and Inclusive Hiring training. Building upon this momentum, we will be launching inclusivity training for team members in 2022.
  • Launched Team Member Resource Groups for employees of underrepresented populations to share experiences and have a shared space.
  • Introduced inclusive fertility benefits which support everyone and everything and all paths to parenthood.
  • Continuing into 2021, DHI closed all offices in honor of the Juneteenth holiday and expanded its holiday calendar to include Martin Luther King, Jr. Day. Additionally, DHI continued its policy of Veteran’s Day being a paid holiday for any team member who served in the armed services.

Workforce Diversity Table
Position ASIAN BLACK OR AFRICAN AMERICAN HISPANIC OR LATINO WHITE OTHER N/A
Management 0 0 5 91 1 1
Technical Staff 13 5 3 85 3 0
All Other Employees 5 6 11 205 10 2
Other includes the classifications: Native American or Alaska Native, Native Hawaiian or Pacific Islander, and “Two or More Races”
Workforce Gender Diversity Table
Position FEMALE MALE N/A*
Management 30 68 0
Technical Staff 19 90 0
All Other Employees 117 122 0
Technical staff includes employees categorized in the 15-0000 group (Computer and Mathematic Occupations) or 17-0000 group (Architecture and Engineering occupations) or the U.S. Bureau of Labor Statistics’ 2018 Standard Occupational Classification System.

Data Privacy

Data privacy is at the foundation of DHI’s and our brands’ values and the way in which we treat both our users, professionals and clients. We are committed to safeguarding the privacy of our users, whether they are our customers or candidates on our sites. It is vital that those utilizing our services and visiting our websites trust our platforms and our ability to protect any information provided to us. As such, we pride ourselves on our ability to maintain that trust through compliance with the stringent data protection regulations that apply to our products and services.

Our approach to data privacy aligns with the following principles:
Transparency – we make it clear to the user what data is collected, how it is collected, how it is used, and with whom it is shared.
Accountability – we make ourselves available to our users through multiple avenues if there are any questions or concerns about their data.
Control – we give our users the ability to inquire what data we have about the user, update the data, if necessary, retrieve the data, and, if the user so chooses, delete the data.

DHI engages a Data Protection Officer who not only assists our brands with compliance but also keeps the company abreast of the constantly evolving world of data privacy. This allows the company to keep pace with changing rules and regulations, and to ensure that our users are provided with the most up to date rights and protections possible.

Each of our brand’s privacy practices are audited on an annual basis by our third-party data privacy auditor, TrustArc, to ensure we practice what we preach. As evidence of our compliance, TrustArc provides a badge displayed on both Dice’s and ClearanceJobs’ privacy policies.

Our practices and procedures regarding data privacy are outlined in detail in each brand’s privacy policy, available at:
Dice Privacy Policy: https://www.dice.com/about/privacy-policy
ClearanceJobs Privacy Policy: https://about.clearancejobs.com/privacy-policy

Data Security

DHI recognizes that protecting data is fundamental to maintaining the trust of our customers and candidates. All data that flows across our network is secured at every level. We utilize tools and techniques to monitor our platform for anomalies and engage our security incident response process to take further action.

DHI is vigilant about Privacy and Data security and incorporates industry standards to implement our security and compliance programs. DHI uses a security incident response process and tracking system for every incident to ensure the appropriate actions are taken and the incident is fully resolved. Any member of the company can report a potential data breach, and we will immediately investigate. As a part of that process, we determine if the characteristics of the incident resulted in a data breach, and if so, we evaluate the data classification. Depending on the data classification we will take actions to report and communicate the breach.

DHI has implemented data security standards in our architecture and system design techniques. Standards are applied at the various levels within the platforms, services, and integrations. We perform periodic reviews and testing of our subsystems to ensure compliance with the standards. When deploying new software, we run operational readiness reviews where data security of the new software is reviewed and demonstrated.

Metrics for this reporting period:

  • 0 Data Breaches
  • 0 PII Data Breaches
  • 0 User(s) affected

Data Security Risks

Cybersecurity Standards

DHI has implemented a cybersecurity framework based on the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). Every quarter we assess the organization’s implementation of each control, evaluating policies, standards, and procedures and the output is represented in a heatmap providing visibility to specific areas needing improvement. The heatmap is presented to the Security Council, which includes members of our organization’s senior management team and the Audit Committee of our board of directors each quarter.

Approach for Identifying Vulnerabilities

DHI uses third party services to perform external vulnerability scanning and testing of our web properties and cloud infrastructure. These scans run on a continuous basis and identify several categories of vulnerabilities including Open Web Application Security Project (OWASP) Top 10 application risks and Center for Internet Security (CIS) Benchmark best practices. In addition to external scanning, DHI also runs weekly internal scans on all servers and workstations to detect Operating System and application vulnerabilities.

Approach for Addressing Security Risks

Risks are analyzed for impact and probability to determine severity from Critical, High, Medium, or Low risk. All risks are prioritized by severity and tracked in a Risk Registry. Risks are reviewed during monthly meetings with the teams responsible for remediating the risks. Critical risks are escalated for immediate research and remediation.
Each year DHI requires security awareness training for all employees. All new employees are also required to complete training within thirty days of their start date. The training includes data security best practices in addition to awareness of other security risk categories.

Business Disruption

DHI recognizes the value that our services provide our customers and candidates and the importance of service availability. To support high service availability DHI performs annual risk analysis to describe, rate, and prioritize business continuity risks. Software and IT systems are included in our disaster recovery strategy. We have also identified several scenarios to evaluate and prepare for tabletop exercises. Our plan includes annual execution of tabletop exercises. Scenarios may include ransomware, natural disaster, loss of an office, and data breach.

DHI has established a detailed disaster recovery plan which will be utilized as a part of overall disaster recovery strategy. DHI employed Sungard, known industry leader in the Disaster Recovery as a Service (DRaaS) area to assess and assist us with sections of our Disaster Recovery program. The following are considered key focus areas of our strategy:

  • People: Roles, responsibilities, decision authorities, training, and RACI (responsible, accountable, consulted, informed) responsibility assignment matrix
  • Process: Response and recovery process, communication and collaboration protocols, points of integration with other processes and plans, and data recovery team activation criteria
  • Technology: Clean data analytic environment and compromised server rebuild/replace strategy

DHI’s technical architecture uses cloud and third-party SaaS services providing distributed, scalable, reliable, highly available network services, application services, and infrastructure services. We actively monitor these services and in the event of failure take immediate mitigation action using our incident management processes.

DHI employees are equipped with technology to work from remote locations, including their home. In addition, we have established an incident task force with senior leadership to meet frequently, decide on critical tasks, approve any needed spend and address any concerns. To communicate with departments and other teams, we set up a group of liaisons to gather feedback and address challenges and any operational issues. Decisions by the task force are communicated and implemented through existing communication channels and with the liaisons.

Systemic Risk - Performance

DHI tracks and manages performance issues, service risk, and downtime utilizing guidance and standards set forth in the Information Technology Infrastructure Library (“ITIL”) framework. We have documented processes in the following areas: Incident Management, Problem Management, and Change Management. These processes include stakeholder management, paths for escalation, governance, and quick resolution to detected problems. Information tracked during these processes is logged and managed in our Information Technology Service Management (“ITSM”) software, industry leading service desk software. DHI uses commercially reasonable efforts to maintain availability for each web property with a monthly uptime percentage of at least 99.8%. The reporting period for these metrics is one year, from January 1, 2021, through December 31, 2021.

DHI recognizes that performance issues can impact our clients in significant ways and take service interruptions very seriously. We have established a Monthly Metrics review process to ensure our teams, platform and third-party services are performing at expected levels. For each of these areas, we have key performance indicators that are collected and examined against performance targets and evaluated for significant change in operation. Team members will take necessary actions if we determine something is not operating properly.

DHI uses scalable cloud technologies as the foundation of our client facing web properties and our backend platform components. Our services are also provided across multiple service access points. The result is our ability to update our service without interruption during normal circumstances, and even if an issue occurs, impact can never fully take our service out of operation. Additionally, much of the platform is designed in a service-oriented architecture where performance impacts, when they occur, are limited to only a portion of our service that represents a small feature set, usually a single feature, to our clients. Our complete service offering is designed to never be fully offline, down or inaccessible, as was the case during this reporting period.

SASB defines performance issues as any planned or unplanned downtime causing an interruption, of more than 10 minutes but less than or equal to 30 minutes, in the provision of cloud-based services to customers. Our software is considered a single service, but because we are sensitive to customer needs, we have identified several features of our service as very important to our clients, and therefore we designed our incident management processes with a priority matrix elevating all potentially customer impacting issues to the highest priority, Priority 1. As a part of this decision making and internal tracking, we determine whether our clients may experience a feature interruption and for how long, regardless of whether an actual interruption was experienced by clients, and we track every minute.

The core platform of our service operates in our cloud service provider, a well-known, highly resilient, and efficient cloud environment. While there is quite a capability for fault tolerance and high availability, our cloud service provider experienced 2 significant outages during this reporting period that not only impacted our service, but those of our suppliers, and the vast majority of consumers in the United States. During periods like these, clients reasonably understand we are reliant on our cloud service provider recovery team, who are keeping us updated with the details of their activities. During these 2 cloud service provider outages, our service was operating, but some features were impacted.

As well as our cloud environment, we rely on other well-known, high quality, cloud-based service providers. Occasionally, these service providers have problems, which in turn, impact the features of the service we provide to our clients. Many of these service provider interruptions, if they impact us at all, are limited to a single feature of the service we provide to our clients. During the reporting period we had 1 instance where our content management provider experienced performance issues resulting in a feature disruption.

Performance Issues


2 Performance Issues during this reporting period

27 Minutes - Our content management service provider made a change to the configuration of their services that was not communicated to us. We quickly established a communications channel with them to resolve the issue. Their leadership has committed to better communications about changes in the future.

28 Minutes - During an internal release, an additional index to a database failed to be applied and operational causing performance issues on a table associated to user accounts. We quickly stood up the incident response team and resolved the issue. We have updated deployment and validation procedures to ensure this is not an issue for the future.

Service Disruptions


4 Service Disruptions during this reporting period

74 Minutes – Our cloud service provider experienced an unplanned networking event which impacted some features of our Service. While our Service was not offline, we were unable to take any action until our cloud service provider resolved their issue. We quickly stood up the incident response team and had good communication with our cloud service provider team.

615 Minutes – Our cloud service provider experienced an unplanned system control plane event which impacted some features of our Service. While our Service was not offline, we were unable to take any action until our cloud service provider resolved their issue. We quickly stood up the incident response team and had good communication with our cloud service provider team. https://aws.amazon.com/message/12721/

60 Minutes – Alarms alerted us to some unexpected database activity causing performance degradation. We quickly stood up the incident response team where we discovered some reports were being run with unoptimized queries. The reports were disabled, and the issue was resolved. We have updated reporting procedures to ensure this activity is performed after business hours.

60 Minutes - Alarms alerted us to some unexpected database activity causing performance degradation. We quickly stood up the incident response team where we discovered a database maintenance activity was running. The activity was disabled, and the issue was resolved. We have updated the job parameters to ensure this activity is performed after business hours.

Customer Downtime


Our Service is a single license, consumption-based offering, largely focused on customers who purchase recruitment packages that outline counts of job postings, applications, or candidate views. While significant disruptions to Features of our Service could adversely impact our ability to retain customers and, in turn, effect revenue, customers can perform necessary actions when disruptions to Features are resolved and have no material impact. No data is lost during any Feature disruptions that impact customers. We utilize a cloud-based architecture to deliver our Service and Feature disruptions are generally short in nature, are resolved quickly if caused by a change, and normal customer business operations can resume in less than a business day.

DHI uses a business day consisting of 11 business hours per day across the United States time zones. While our Service was always operational, impacts to Features of our Service are submitted for the Performance Issues and Service Disruptions listed above. SASB defines total customer downtime as the interruption duration of each service disruption multiplied by the number of software and IT services licenses affected, reported in license days.

1.3 Cumulative Business Days of Feature Disruption over 1 Year Achieving 99.9% Availability


DHI’s ESG reporting is based on and in conformance with the Sustainability Accounting Standards Board (SASB) SOFTWARE & IT SERVICES Sustainability Accounting Standard, available at https://www.sasb.org/standards/download/.

Reporting Period: 1/1/21 – 12/31/21