In understanding the important scope of ESG, consider . . .
- The E in ESG is about the environmental impact and commitments of the organization. This focuses on carbon emissions and offsets as well as air, water, minerals, and waste use and disposal. This is the focus of a lot of current and pending regulations to address climate change, but there remains a lot of confusion and understanding on what needs to be done.
- The S in ESG is about the social accountability of the organization. This focuses on the commitment of the organization to abolish human slavery, child labor, forced labor, harassment, and discrimination and address important topics such as inclusivity, diversity, health and safety, and personal privacy. This is the area that has the current greatest reputation impact and risk to corporate brands.
- The G in ESG is about the governance of the organization. This is the most mature area of ESG. It is consistent across industries and addresses the ongoing challenges organizations have been struggling with for decades. This includes internal controls over financial reporting, fraud, anti-bribery and corruption, anti-money laundering, information security, tax transparency, and more.
Another challenge in ESG is that it is not just about traditional brick-and-mortar walls and employees. The modern organization is an extended enterprise. Suppliers, vendors, outsourcers, service providers, contractors, consultants, and more all impact the ESG program and reporting of an organization. An organization cannot address ESG without ensuring shared values and commitments, with assurance, across its third-party and downstream relationships. A few regulations have been focusing on this aspect of ESG, such as Tier 3 in the SEC’s carbon emission proposal as well as Germany’s Corporation’s Due Diligence Act and the corresponding EU Directive.
So where does an organization start to deliver on ESG? ESG, in the end, is about reporting the organization in its corporate filings and reports as well as to frameworks such as GRI and SASB (among others). Delivering on ESG reporting is done through what is known as GRC (governance, risk management and compliance as defined and operationalized in the OCEG GRC Capability Model) or its counterpart IRM (Integrated Risk Management).
While the individual elements of ESG will vary by industry and scope of ESG within organizations, the following common practical elements on delivering ESG come to the top-down approach of strategy, policy, process, and technology. Here are 4 practical elements of building a strong ESG proposition:
1. ESG Strategy
2. ESG Policies
3. ESG Processes
4. ESG Technology
Conclusion
ESG is top of mind for forward-thinking enterprises that aspire to achieve their sustainability objectives. But building a robust ESG strategy can be complex; not every organization understands how best to approach it.
Register for our recent webinar—“Bringing Your ESG Strategy to Life” to learn how the latest technologies like Data Analytics & AI and ServiceNow can help your enterprise create a strong ESG proposition.
Author
Michael Rasmussen
Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC). With 28+ years of experience, Michael helps organizations improve GRC processes and choose technologies that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in 2002 while at Forrester.