Environmental, social, and governance (ESG) is becoming a critical factor for organizations as they anticipate stricter standards for climate-related reporting. In March of 2022, the Securities and Exchange Commission (SEC) announced proposed rule changes that would require registered companies to disclose climate risks to their investors.
As a result of this change and the tightening of other regulations that aim to combat climate change, companies are recognizing that they need to increase their ESG efforts.
To optimize ESG efforts and demonstrate progress, organizations need to recognize that GRC is integral to ESG risk planning and management. After all, mitigating ESG risk is part of eliminating overall business risk.
ESG as Part of GRC
The SEC’s announcement underscores how ESG affects overall risk for companies, stating that businesses should disclose “information about climate-related risks that are reasonably likely to have a material impact on their business, results of operations, or financial condition.” Such disclosures will include:
- “How any climate-related risks identified by the registrant have had or are likely to have a material impact on its business and consolidated financial statements, which may manifest over the short-, medium-, or long-term”
- “How any identified climate-related risks have affected or are likely to affect the registrant’s strategy, business model, and outlook”
The business impacts listed by the SEC show how environmental risks affect risk for the entire enterprise, putting ESG in the realm of GRC.
One example of an ESG factor that affects company-wide risk management is Scope 1, 2, and 3 Emissions reporting. Emissions are generated by activities across the organization related to transportation, production, and supply chain. Controlling these emissions requires making changes to business strategy and operations.
Governance: The Common Denominator
ESG and GRC are connected by a common denominator: governance. Both GRC and ESG promote transparency as a means of controlling risk. Governance is carried out through internal controls and reporting of any practices that create or manage risk.
To develop an effective ESG strategy, companies must begin with a framework for governance. Organizations should define goals for ESG overall and for its environmental, social, and governance aspects.
The GRC Capability Model for ESG
The think tank OCEG has developed a GRC Capability Model based on research of best practices, which can be used to plan an effective ESG strategy. The GRC Capability Model consists of 4 parts that can be applied to ESG:
- Learn the context of ESG in the organization and what regulators, customers, and investors expect from it.
- Align the organization’s goals with ESG objectives, creating teams that are responsible for documenting and assessing progress.
- Perform ESG processes after first creating ESG-related policies and controls.
- Review ESG efforts through ongoing monitoring and reporting to stakeholders for continuous improvement.
To anticipate how ESG may affect overall business strategy in the future, some companies are using workshops and simulations to understand the repercussions of environmental and social risk and how to manage it.
Earning Trust Through GRC and ESG
Unless they can demonstrate sincere efforts to promote sustainability, companies may lose the trust and loyalty of investors and customers. The 7th Annual Responsible Investing Survey found that 57% of responders would be interested in an investment strategy that included only companies with net-zero carbon emissions.
Ensuring that your company’s ESG efforts are supported by GRC is more about developing strategies and process than implementing tools. While reporting platforms can help with gathering and processing information to assess risk, this information needs to be acted upon.
As a trusted advisor for risk management, SureStep can help your company develop policies and procedures for promoting sustainability throughout your organization. We have proven methods for providing data-driven assessments and building roadmaps for building GRC programs that support ESG and consider the expectations of stakeholders.
Learn how to meet ESG goals using GRC. Request an Integrated Risk Management Consultation with a SureStep expert.